Daemon based on liblxc offering a REST API to manage containers

Overview

LXD

LXD

LXD is a next generation system container and virtual machine manager.
It offers a unified user experience around full Linux systems running inside containers or virtual machines.

It's image based with pre-made images available for a wide number of Linux distributions
and is built around a very powerful, yet pretty simple, REST API.

To get a better idea of what LXD is and what it does, you can try it online!
Then if you want to run it locally, take a look at our getting started guide.

Release announcements can be found here: https://linuxcontainers.org/lxd/news/
And the release tarballs here: https://linuxcontainers.org/lxd/downloads/

Status

Type Service Status
CI (client) GitHub Build Status
CI (server) Jenkins Build Status
LXD documentation ReadTheDocs Read the Docs
Go documentation Godoc GoDoc
Static analysis GoReport Go Report Card
Translations Weblate Translation status
Project status CII Best Practices CII Best Practices

Installing LXD from packages

The LXD daemon only works on Linux but the client tool (lxc) is available on most platforms.

OS Format Command
Linux Snap snap install lxd
Windows Chocolatey choco install lxc
MacOS Homebrew brew install lxc

More instructions on installing LXD for a wide variety of Linux distributions and operating systems can be found on our website.

Installing LXD from source

We recommend having the latest versions of liblxc (>= 3.0.0 required) available for LXD development. Additionally, LXD requires Golang 1.13 or later to work. On ubuntu, you can get those with:

sudo apt update
sudo apt install acl autoconf dnsmasq-base git golang libacl1-dev libcap-dev liblxc1 liblxc-dev libsqlite3-dev libtool libudev-dev libuv1-dev make pkg-config rsync squashfs-tools tar tcl xz-utils ebtables

Note that when building LXC yourself, ensure to build it with the appropriate security related libraries installed which our testsuite tests. Again, on ubuntu, you can get those with:

sudo apt install libapparmor-dev libseccomp-dev libcap-dev

There are a few storage backends for LXD besides the default "directory" backend. Installing these tools adds a bit to initramfs and may slow down your host boot, but are needed if you'd like to use a particular backend:

sudo apt install lvm2 thin-provisioning-tools
sudo apt install btrfs-tools

To run the testsuite, you'll also need:

sudo apt install curl gettext jq sqlite3 uuid-runtime bzr socat

From Source: Building the latest version

These instructions for building from source are suitable for individual developers who want to build the latest version of LXD, or build a specific release of LXD which may not be offered by their Linux distribution. Source builds for integration into Linux distributions are not covered here and may be covered in detail in a separate document in the future.

When building from source, it is customary to configure a GOPATH which contains the to-be-built source code. When the sources are done building, the lxc and lxd binaries will be available at $GOPATH/bin, and with a little LD_LIBRARY_PATH magic (described later), these binaries can be run directly from the built source tree.

The following lines demonstrate how to configure a GOPATH with the most recent LXD sources from GitHub:

mkdir -p ~/go
export GOPATH=~/go
go get -d -v github.com/lxc/lxd/lxd
cd $GOPATH/src/github.com/lxc/lxd

When the build process starts, the Makefile will use go get and git clone to grab all necessary dependencies needed for building.

From Source: Building a Release

To build an official release of LXD, download and extract a release tarball, and then set up GOPATH to point to the _dist directory inside it, which is configured to be used as a GOPATH and contains snapshots of all necessary sources. LXD will then build using these snapshots rather than grabbing 'live' sources using go get and git clone. Once the release tarball is downloaded and extracted, set the GOPATH as follows:

cd lxd-3.18
export GOPATH=$(pwd)/_dist

Starting the Build

Once the GOPATH is configured, either to build the latest GitHub version or an official release, the following steps can be used to build LXD.

The actual building is done by two separate invocations of the Makefile: make deps -- which builds libraries required by LXD -- and make, which builds LXD itself. At the end of make deps, a message will be displayed which will specify environment variables that should be set prior to invoking make. As new versions of LXD are released, these environment variable settings may change, so be sure to use the ones displayed at the end of the make deps process, as the ones below (shown for example purposes) may not exactly match what your version of LXD requires:

make deps
# Use the export statements printed in the output of 'make deps' -- these are examples: 
export CGO_CFLAGS="${CGO_CFLAGS} -I${GOPATH}/deps/dqlite/include/ -I${GOPATH}/deps/raft/include/"
export CGO_LDFLAGS="${CGO_LDFLAGS} -L${GOPATH}/deps/dqlite/.libs/ -L${GOPATH}/deps/raft/.libs/"
export LD_LIBRARY_PATH="${GOPATH}/deps/dqlite/.libs/:${GOPATH}/deps/raft/.libs/:${LD_LIBRARY_PATH}"
export CGO_LDFLAGS_ALLOW="-Wl,-wrap,pthread_create"
make

From Source: Installing

Once the build completes, you simply keep the source tree, add the directory referenced by $GOPATH/bin to your shell path, and set the LD_LIBRARY_PATH variable printed by make deps to your environment. This might look something like this for a ~/.bashrc file:

# No need to export GOPATH:
GOPATH=~/go
# But we need to export these:
export PATH="$PATH:$GOPATH/bin"
export LD_LIBRARY_PATH="${GOPATH}/deps/dqlite/.libs/:${GOPATH}/deps/raft/.libs/:${LD_LIBRARY_PATH}"

Now, the lxd and lxc binaries will be available to you and can be used to set up LXD. The binaries will automatically find and use the dependencies built in $GOPATH/deps thanks to the LD_LIBRARY_PATH environment variable.

Machine Setup

You'll need sub{u,g}ids for root, so that LXD can create the unprivileged containers:

echo "root:1000000:65536" | sudo tee -a /etc/subuid /etc/subgid

Now you can run the daemon (the --group sudo bit allows everyone in the sudo group to talk to LXD; you can create your own group if you want):

sudo -E PATH=$PATH LD_LIBRARY_PATH=$LD_LIBRARY_PATH $GOPATH/bin/lxd --group sudo

Security

LXD, similar to other container and VM managers provides a UNIX socket for local communication.

WARNING: Anyone with access to that socket can fully control LXD, which includes the ability to attach host devices and filesystems, this should therefore only be given to users who would be trusted with root access to the host.

When listening on the network, the same API is available on a TLS socket (HTTPS), specific access on the remote API can be restricted through Canonical RBAC.

More details are available here.

Getting started with LXD

Now that you have LXD running on your system you can read the getting started guide or go through more examples and configurations in our documentation.

Bug reports

Bug reports can be filed at: https://github.com/lxc/lxd/issues/new

Contributing

Fixes and new features are greatly appreciated but please read our contributing guidelines first.

Support and discussions

Forum

A discussion forum is available at: https://discuss.linuxcontainers.org

Mailing-lists

We use the LXC mailing-lists for developer and user discussions, you can find and subscribe to those at: https://lists.linuxcontainers.org

IRC

If you prefer live discussions, some of us also hang out in #lxcontainers on irc.freenode.net.

FAQ

How to enable LXD server for remote access?

By default LXD server is not accessible from the networks as it only listens on a local unix socket. You can make LXD available from the network by specifying additional addresses to listen to. This is done with the core.https_address config variable.

To see the current server configuration, run:

lxc config show

To set the address to listen to, find out what addresses are available and use the config set command on the server:

ip addr
lxc config set core.https_address 192.168.1.15

When I do a lxc remote add over https, it asks for a password?

By default, LXD has no password for security reasons, so you can't do a remote add this way. In order to set a password, do:

lxc config set core.trust_password SECRET

on the host LXD is running on. This will set the remote password that you can then use to do lxc remote add.

You can also access the server without setting a password by copying the client certificate from .config/lxc/client.crt to the server and adding it with:

lxc config trust add client.crt

How do I configure LXD storage?

LXD supports btrfs, ceph, directory, lvm and zfs based storage.

First make sure you have the relevant tools for your filesystem of choice installed on the machine (btrfs-progs, lvm2 or zfsutils-linux).

By default, LXD comes with no configured network or storage. You can get a basic configuration done with:

    lxd init

lxd init supports both directory based storage and ZFS. If you want something else, you'll need to use the lxc storage command:

lxc storage create default BACKEND [OPTIONS...]
lxc profile device add default root disk path=/ pool=default

BACKEND is one of btrfs, ceph, dir, lvm or zfs.

Unless specified otherwise, LXD will setup loop based storage with a sane default size.

For production environments, you should be using block backed storage instead both for performance and reliability reasons.

How can I live migrate a container using LXD?

Live migration requires a tool installed on both hosts called CRIU, which is available in Ubuntu via:

sudo apt install criu

Then, launch your container with the following,

lxc launch ubuntu $somename
sleep 5s # let the container get to an interesting state
lxc move host1:$somename host2:$somename

And with luck you'll have migrated the container :). Migration is still in experimental stages and may not work for all workloads. Please report bugs on lxc-devel, and we can escalate to CRIU lists as necessary.

Can I bind mount my home directory in a container?

Yes. This can be done using a disk device:

lxc config device add container-name home disk source=/home/$USER path=/home/ubuntu

For unprivileged containers, you will also need one of:

  • Pass shift=true to the lxc config device add call. This depends on shiftfs being supported (see lxc info)
  • raw.idmap entry (see Idmaps for user namespace)
  • Recursive POSIX ACLs placed on your home directory

Either of those can be used to allow the user in the container to have working read/write permissions. When not setting one of those, everything will show up as the overflow uid/gid (65536:65536) and access to anything that's not world readable will fail.

Privileged containers do not have this issue as all uid/gid inthe container are the same outside. But that's also the cause of most of the security issues with such privileged containers.

How can I run docker inside a LXD container?

In order to run Docker inside a LXD container the security.nesting property of the container should be set to true.

lxc config set <container> security.nesting true

Note that LXD containers cannot load kernel modules, so depending on your Docker configuration you may need to have the needed extra kernel modules loaded by the host.

You can do so by setting a comma separate list of kernel modules that your container needs with:

lxc config set <container> linux.kernel_modules <modules>

We have also received some reports that creating a /.dockerenv file in your container can help Docker ignore some errors it's getting due to running in a nested environment.

Hacking on LXD

Directly using the REST API

The LXD REST API can be used locally via unauthenticated Unix socket or remotely via SSL encapsulated TCP.

Via Unix socket

curl --unix-socket /var/lib/lxd/unix.socket \
    -H "Content-Type: application/json" \
    -X POST \
    -d @hello-ubuntu.json \
    lxd/1.0/containers

Via TCP

TCP requires some additional configuration and is not enabled by default.

lxc config set core.https_address "[::]:8443"
curl -k -L \
    --cert ~/.config/lxc/client.crt \
    --key ~/.config/lxc/client.key \
    -H "Content-Type: application/json" \
    -X POST \
    -d @hello-ubuntu.json \
    "https://127.0.0.1:8443/1.0/containers"

JSON payload

The hello-ubuntu.json file referenced above could contain something like:

{
    "name":"some-ubuntu",
    "ephemeral":true,
    "config":{
        "limits.cpu":"2"
    },
    "source": {
        "type":"image",
        "mode":"pull",
        "protocol":"simplestreams",
        "server":"https://cloud-images.ubuntu.com/releases",
        "alias":"18.04"
    }
}
Issues
  • Cannot delete LXD zfs backed containers: dataset is busy

    Cannot delete LXD zfs backed containers: dataset is busy

    Minty fresh Ubuntu 18.04 system LXD v3.0.0 (latest from apt, how to get v3.0.1?)

    Started seeing this beginning last week crop up arbitrarily across my infrastructure. Out of ~10 delete operations, I have seen this happen to 3 containers on 2 different systems.

    ~# lxc delete test1
    Error: Failed to destroy ZFS filesystem: cannot destroy 'lxd/containers/test1': dataset is busy
    
    ~# lxc ls
    +-------+---------+---------------------+-------------------------------+------------+-----------+
    | NAME  |  STATE  |        IPV4         |             IPV6              |    TYPE    | SNAPSHOTS |
    +-------+---------+---------------------+-------------------------------+------------+-----------+
    | doxpl | RUNNING | 46.4.158.225 (eth0) | 2a01:4f8:221:1809::601 (eth0) | PERSISTENT | 0         |
    +-------+---------+---------------------+-------------------------------+------------+-----------+
    | test1 | STOPPED |                     |                               | PERSISTENT | 0         |
    +-------+---------+---------------------+-------------------------------+------------+-----------+
    

    Tried googling around a bit and I have tried the most common tips on figuring out what might be keeping the dataset busy: There are no snapshots or dependencies, dataset is unmounted i.e. zfs list reports

    NAME                                                                          USED  AVAIL  REFER  MOUNTPOINT
    lxd                                                                          3.51G   458G    24K  none
    lxd/containers                                                               2.24G   458G    24K  none
    lxd/containers/doxpl                                                         1.04G   766M  2.25G  /var/lib/lxd/storage-pools/lxd/containers/doxpl
    lxd/containers/test1                                                         1.20G  6.80G  1.20G  none
    lxd/custom                                                                     24K   458G    24K  none
    lxd/deleted                                                                    24K   458G    24K  none
    lxd/images                                                                   1.27G   458G    24K  none
    lxd/images/7d4aa78fb18775e6c3aa2c8e5ffa6c88692791adda3e8735a835e0ba779204ec  1.27G   458G  1.27G  none
    lxd/snapshots                                                                  24K   458G    24K  none
    

    Could LXD still be holding the dataset? I see there are a number of zfs related fixes in v3.0.1 but I cannot do an apt upgrade to this version..?

    Edit: issuing systemctl restart lxd does not resolve the issue, so maybe not lxd after all. Strange...

    Bug Incomplete 
    opened by Kramerican 127
  • lxc container not restarting

    lxc container not restarting

    Restarting a container is not working.

     [email protected] (node2):~# lxc info
    apistatus: stable
    apiversion: "1.0"
    auth: trusted
    environment:
      addresses:
      - 10.0.0.2:8443
      architectures:
      - x86_64
      - i686
      driver: lxc
      driverversion: 2.0.6
      kernel: Linux
      kernelarchitecture: x86_64
      kernelversion: 4.4.0-47-generic
      server: lxd
      serverpid: 21246
      serverversion: 2.6.2
      storage: zfs
      storageversion: "5"
    config:
      core.https_address: 10.0.0.2:8443
      core.trust_password: true
      storage.zfs_pool_name: zdata/lxd
      storage.zfs_use_refquota: "true"
    public: false
    

    Here the restart:

    [email protected] (node2):~# lxc restart inxovh-xmpp001
    
    error: Error calling 'lxd forkstart inxovh-xmpp001 /var/lib/lxd/containers /var/log/lxd/inxovh-xmpp001/lxc.conf': err='exit status 1'
      lxc 20161130165729.698 ERROR lxc_apparmor - lsm/apparmor.c:apparmor_process_label_set:234     - No such file or directory - failed to change apparmor profile to lxd-inxovh-    xmpp001_</var/lib/lxd>//&:lxd-inxovh-xmpp001_<var-lib-lxd>:
      lxc 20161130165729.698 ERROR lxc_sync - sync.c:__sync_wait:57 - An error occurred in another process (expected sequence number 5)
      lxc 20161130165729.698 ERROR lxc_start - start.c:__lxc_start:1338 - Failed to spawn container "inxovh-xmpp001".
      lxc 20161130165730.215 ERROR lxc_conf - conf.c:run_buffer:347 - Script exited with status 1
      lxc 20161130165730.215 ERROR lxc_start - start.c:lxc_fini:546 - Failed to run lxc.hook.post-stop for container "inxovh-xmpp001".
    
    Try `lxc info --show-log inxovh-xmpp001` for more info
    

    Here the log

    [email protected] (node2):~# lxc info --show-log inxovh-xmpp001
    Name: inxovh-xmpp001
    Remote: unix:/var/lib/lxd/unix.socket
    Architecture: x86_64
    Created: 2016/11/04 22:15 UTC
    Status: Stopped
    Type: persistent
    Profiles: default
    
    Log:
    
            lxc 20161130165729.540 WARN     lxc_seccomp - seccomp.c:do_resolve_add_rule:265 - Seccomp: failed to resolve syscall: .
            lxc 20161130165729.540 WARN     lxc_seccomp - seccomp.c:do_resolve_add_rule:266 - This syscall will NOT be blacklisted.
            lxc 20161130165729.540 WARN     lxc_seccomp - seccomp.c:do_resolve_add_rule:265 - Seccomp: failed to resolve syscall: .
            lxc 20161130165729.540 WARN     lxc_seccomp - seccomp.c:do_resolve_add_rule:266 - This syscall will NOT be blacklisted.
            lxc 20161130165729.698 ERROR    lxc_apparmor - lsm/apparmor.c:apparmor_process_label_set:234 - No such file or directory - failed to change apparmor profile to lxd-inxovh-xmpp001_</var/lib/lxd>//&:lxd-inxovh-xmpp001_<var-lib-lxd>:
            lxc 20161130165729.698 ERROR    lxc_sync - sync.c:__sync_wait:57 - An error occurred in another process (expected sequence number 5)
            lxc 20161130165729.698 ERROR    lxc_start - start.c:__lxc_start:1338 - Failed to spawn container "inxovh-xmpp001".
            lxc 20161130165730.215 ERROR    lxc_conf - conf.c:run_buffer:347 - Script exited with status 1
            lxc 20161130165730.215 ERROR    lxc_start - start.c:lxc_fini:546 - Failed to run lxc.hook.post-stop for container "inxovh-xmpp001".
            lxc 20161130165730.215 WARN     lxc_commands - commands.c:lxc_cmd_rsp_recv:172 - command get_cgroup failed to receive response
            lxc 20161130165730.215 WARN     lxc_commands - commands.c:lxc_cmd_rsp_recv:172 - command get_cgroup failed to receive response
    

    Status is stoped:

    [email protected] (node2):~# lxc list  inxovh-xmpp001
    +----------------+---------+------+------+------------+-----------+
    |      NAME      |  STATE  | IPV4 | IPV6 |    TYPE    | SNAPSHOTS |
    +----------------+---------+------+------+------------+-----------+
    | inxovh-xmpp001 | STOPPED |      |      | PERSISTENT | 0         |
    +----------------+---------+------+------+------------+-----------+
    

    i've to manually start:

    [email protected] (node2):~# lxc start  inxovh-xmpp001
    [email protected] (node2):~#
    
    Incomplete 
    opened by nlienard 103
  • Networking does not work in fresh Bionic container

    Networking does not work in fresh Bionic container

    Tried with LXD v2.21 on Ubuntu 16.04 and LXD v3.0.0 on 18.04 (system upgraded from 16.04)

    Networking does not come up and container does not get an Ip assigned on my network bridge.

    On both my 16.04 and 18.04 host system, a xenial image comes up just fine.

    I have tried provisioning from ubuntu:bionicas well as images:ubuntu/bionic/amd64 with identical results.

    /var/log/syslog on the host shows in all cases lines similar to

    Apr 29 20:25:15 krellide kernel: [6056886.886248] audit: type=1400 audit(1525026315.592:23530): apparmor="DENIED" operation="mount" info="failed flags match" error=-13 profile="lxd-bionic-template-xlemp72_</var/lib/lxd>" name="/sys/fs/cgroup/unified/" pid=19042 comm="systemd" fstype="cgroup2" srcname="cgroup" flags="rw, nosuid, nodev, noexec"
    Apr 29 20:25:15 krellide kernel: [6056886.886297] audit: type=1400 audit(1525026315.592:23531): apparmor="DENIED" operation="mount" info="failed flags match" error=-13 profile="lxd-bionic-template-xlemp72_</var/lib/lxd>" name="/sys/fs/cgroup/unified/" pid=19042 comm="systemd" fstype="cgroup2" srcname="cgroup" flags="rw, nosuid, nodev, noexec"
    Apr 29 20:25:16 krellide kernel: [6056887.323323] audit: type=1400 audit(1525026316.029:23532): apparmor="DENIED" operation="mount" info="failed flags match" error=-13 profile="lxd-bionic-template-xlemp72_</var/lib/lxd>" name="/run/systemd/unit-root/var/lib/lxcfs/" pid=19482 comm="(networkd)" flags="ro, nosuid, nodev, remount, bind"
    

    These lines are not present in syslog when provisioning other versions of Ubuntu (Xenial/Zesty). Interestingly upgrading an existing Xenial container to Bionic does not cause any networking issues.

    Without knowing much about apparmor, I am assuming that the DENIED ... networkd line is an indicator of the culprit here. Any assistance would be much appreciated :)

    Incomplete 
    opened by Kramerican 89
  • Container creation finishes but operation doesn't

    Container creation finishes but operation doesn't

    Information

    • Distribution: Ubuntu
    • Distribution version: 16.04
    • The output of "lxc info" or if that fails:
      • Kernel version: 4.4.0-65-generic
      • LXC version: 2.0.7
      • LXD version: 2.10.1
      • Storage backend in use: zfs 0.6.5.6-0ubuntu15

    Issue

    I'm working on a lxd api client to automatically create and start containers. I'm currently writing some automated tests and sometimes the test will time out because the operation of the containers creation wont ever finish.

    But the container seems to be successfully created when listing existing containers. For debugging purposes, instead of just waiting for the /wait to finish I also added a simple status-polling every 5 seconds – it also continuously returns that the operation is still running.

    It happens more often the more I run the same test, as soon as I restart the lxd service it works properly for a while again.

    While running the service in terminal and killing it with ^C suddenly it decides to finish the operation before exiting.

    What the test does:

    • Create persistent container
    • Run command
    • Create snapshot 1
    • Run command
    • Create snapshot 2
    • Run command
    • Create another persistent container based on snapshot 1 (this is where it gets stuck)

    Logs

    opened by patrickd- 80
  • LXD Static IP configuration - clear + working documentation seems scarce

    LXD Static IP configuration - clear + working documentation seems scarce

    The template below is mostly useful for bug reports and support questions. Feel free to remove anything which doesn't apply to you and add more information where it makes sense.

    Required information

    • Distribution: Ubuntu
    • Distribution version: 16.10
    • The output of "lxc info" or if that fails:
      • Kernel version: 4.8.0-22-generic
      • LXC version: 2.4.1
      • LXD version: 2.4.1
      • Storage backend in use: dir

    Issue description

    Goal is to have LXD containers with static IPs which can communication with host + other containers.

    Steps to reproduce

    Simplest approach seems to be setting /etc/default/lxd-bridge LXD_CONFILE to a container,IP pairs + Ubuntu 16.10 seems to have removed this file.

    I have 100s of LXC container,IP pairs to port to LXD + prefer a solution that avoids the old iptables nat rule approach.

    None of the https://github.com/lxc/lxd/issues/2083 approaches seem to produce useful results.

    The

    echo -e "lxc.network.0.ipv4 = 144.217.33.224\nlxc.network.0.ipv4.gateway = 149.56.27.254\n" | lxc config set template-yakkety raw.lxc -

    comes close, as my test container does end up with the correct IP assigned.

    Maybe this is the correct approach, along with setting up the host base interface (eth2) in my case, to use br0, rather than eth2 + somehow bridging lxdbr0 to br0.

    Suggestions appreciated, as all the Ubuntu docs seem wrong + the LXD 2.0 Introduction series seems to be missing basic networking examples for large scale LXD deployments.

    Once I have a working approach, I'll publish all steps back here, so others can accomplish this easier.

    Thanks.

    opened by davidfavor 80
  • [Upgrade from mixed-storage LXD] LXD won't restart after upgrade to 2.10.1

    [Upgrade from mixed-storage LXD] LXD won't restart after upgrade to 2.10.1

    Hello,

    I believe that I have a variant of the problem seen in issue #3024 which I have been following with interest. After upgrade to 2.10.1 from 2.8.x, lxd cannot start up.

    Required information

    • Distribution: Ubuntu
    • Distribution version: 16.04LTS
    • The output of "lxc info" or if that fails:
      • Kernel version:
      • LXC version: 2.10.1
      • LXD version: 2.10.1
      • Storage backend in use: LVM (thinpools)

    Issue description

    I have two systems, sys1 and sys2. Sys1 is using dir storage, while sys2 is using LVM.

    With sys1, I migrated from 2.8.x to 2.9.x and then to 2.10.x. After resolving an issue with a change in profile inheritance of the disk device after the 2.9.x upgrade, sys1 seems to have upgraded to 2.10.x ok.

    With sys2, I migrated directly from 2.8.x to 2.10.x. This was inadvertent, as I had just sorted out the 2.9.x issue on sys1 and intended to move sys2 to 2.9.x. When lxd attempted to restart, the lxc command line client stopped responding.

    Checking /var/log/lxd/lxd.log, we see:

    lvl=info msg="LXD 2.10.1 is starting in normal mode" path=/var/lib/lxd t=2017-03-06T14:34:02-0500
    lvl=warn msg="CGroup memory swap accounting is disabled, swap limits will be ignored." t=2017-03-06T14:34:02-0500
    lvl=info msg="Kernel uid/gid map:" t=2017-03-06T14:34:02-0500
    lvl=info msg=" - u 0 0 4294967295" t=2017-03-06T14:34:02-0500
    lvl=info msg=" - g 0 0 4294967295" t=2017-03-06T14:34:02-0500
    lvl=info msg="Configured LXD uid/gid map:" t=2017-03-06T14:34:02-0500
    lvl=info msg=" - u 0 100000 65536" t=2017-03-06T14:34:02-0500
    lvl=info msg=" - g 0 100000 65536" t=2017-03-06T14:34:02-0500
    lvl=warn msg="Database already contains a valid entry for the storage pool: lxd." t=2017-03-06T14:34:03-0500
    lvl=warn msg="Storage volumes database already contains an entry for the container." t=2017-03-06T14:34:03-0500
    lvl=info msg="LXD 2.10.1 is starting in normal mode" path=/var/lib/lxd t=2017-03-06T14:44:02-0500
    lvl=warn msg="CGroup memory swap accounting is disabled, swap limits will be ignored." t=2017-03-06T14:44:02-0500
    lvl=info msg="Kernel uid/gid map:" t=2017-03-06T14:44:02-0500
    lvl=info msg=" - u 0 0 4294967295" t=2017-03-06T14:44:02-0500
    lvl=info msg=" - g 0 0 4294967295" t=2017-03-06T14:44:02-0500
    lvl=info msg="Configured LXD uid/gid map:" t=2017-03-06T14:44:02-0500
    lvl=info msg=" - u 0 100000 65536" t=2017-03-06T14:44:02-0500
    lvl=info msg=" - g 0 100000 65536" t=2017-03-06T14:44:02-0500
    lvl=warn msg="Database already contains a valid entry for the storage pool: lxd." t=2017-03-06T14:44:03-0500
    lvl=warn msg="Storage volumes database already contains an entry for the container." t=2017-03-06T14:44:03-0500
    

    journalctl -u lxd

    Mar 06 14:34:02 sys2 systemd[1]: Starting LXD - main daemon...
    Mar 06 14:34:02 sys2 lxd[4416]: lvl=warn msg="CGroup memory swap accounting is disabled, swap limits will be ignored." t=2017-03-06T14:34:02-0500
    Mar 06 14:34:03 sys2 lxd[4416]: lvl=warn msg="Database already contains a valid entry for the storage pool: lxd." t=2017-03-06T14:34:03-0500
    Mar 06 14:34:03 sys2 lxd[4416]: lvl=warn msg="Storage volumes database already contains an entry for the container." t=2017-03-06T14:34:03-0500
    Mar 06 14:34:13 sys2 lxd[4416]: error: device or resource busy
    Mar 06 14:34:13 sys2 systemd[1]: lxd.service: Main process exited, code=exited, status=1/FAILURE
    Mar 06 14:44:02 sys2 lxd[4417]: error: LXD still not running after 600s timeout.
    Mar 06 14:44:02 sys2 systemd[1]: lxd.service: Control process exited, code=exited status=1
    Mar 06 14:44:02 sys2 systemd[1]: Failed to start LXD - main daemon.
    Mar 06 14:44:02 sys2 systemd[1]: lxd.service: Unit entered failed state.
    Mar 06 14:44:02 sys2 systemd[1]: lxd.service: Failed with result 'exit-code'.
    Mar 06 14:44:02 sys2 systemd[1]: lxd.service: Service hold-off time over, scheduling restart.
    Mar 06 14:44:02 sys2 systemd[1]: Stopped LXD - main daemon.
    Mar 06 14:44:02 sys2 systemd[1]: Starting LXD - main daemon...
    Mar 06 14:44:02 sys2 lxd[8637]: lvl=warn msg="CGroup memory swap accounting is disabled, swap limits will be ignored." t=2017-03-06T14:44:02-0500
    Mar 06 14:44:03 sys2 lxd[8637]: lvl=warn msg="Database already contains a valid entry for the storage pool: lxd." t=2017-03-06T14:44:03-0500
    Mar 06 14:44:03 sys2 lxd[8637]: lvl=warn msg="Storage volumes database already contains an entry for the container." t=2017-03-06T14:44:03-0500
    Mar 06 14:44:13 sys2 lxd[8637]: error: device or resource busy
    Mar 06 14:44:13 sys2 systemd[1]: lxd.service: Main process exited, code=exited, status=1/FAILURE
    

    Sample of /var/lib/lxd/containers:

    drwx------+ 5 root   root    4096 Jan  2 15:59 astro3
    lrwxrwxrwx  1 root   root      16 Jan  2 11:35 astro3.lv -> /dev/lxd/astro3
    drwxr-xr-x+ 5 root   root    4096 Jan  9 12:13 vault
    lrwxrwxrwx  1 root   root      14 Jan 11 15:01 vault.lv -> /dev/lxd/vault
    drwx------  2 root   root    4096 Feb 15 13:48 vgate1
    lrwxrwxrwx  1 root   root      15 Feb 15 13:48 vgate1.lv -> /dev/lxd/vgate1
    drwxr-xr-x+ 5 root   root    4096 Jan 18 13:52 vpn1
    lrwxrwxrwx  1 root   root      13 Jan 25 16:22 vpn1.lv -> /dev/lxd/vpn1
    

    File tree listing of /var/lib/lxd/storage-pools:

    .
    └── lxd
        └── containers
    

    That is, the storage-pools area is empty. (Were the container rootfs links supposed to be migrated to storage-pools?)

    The images area seems untouched:

    [email protected]:/var/lib/lxd/containers# ls /var/lib/lxd/images/
    11fc1b1d39b9f9cd7e9491871f1421ac4278e1d599ecf5d180f2a6e2483bd172
    11fc1b1d39b9f9cd7e9491871f1421ac4278e1d599ecf5d180f2a6e2483bd172.lv
    11fc1b1d39b9f9cd7e9491871f1421ac4278e1d599ecf5d180f2a6e2483bd172.rootfs
    18e7ed74d0d653894f65343afbc35b92c6781933c273943d882c36a5c5535533
    18e7ed74d0d653894f65343afbc35b92c6781933c273943d882c36a5c5535533.lv
    457a80ea4720900b69e5542cea5351f58021331bc96e773e4855a3e2ce1e6595
    457a80ea4720900b69e5542cea5351f58021331bc96e773e4855a3e2ce1e6595.lv
    457a80ea4720900b69e5542cea5351f58021331bc96e773e4855a3e2ce1e6595.rootfs
    543e662b70958f5b87f68b20eb0a205d8c4b14c41f80699e9a98b3b851883d15
    543e662b70958f5b87f68b20eb0a205d8c4b14c41f80699e9a98b3b851883d15.lv
    543e662b70958f5b87f68b20eb0a205d8c4b14c41f80699e9a98b3b851883d15.rootfs
    a570ce23e1dae791e7b8b2f2bcb98c1404273e97c7a1fb972bf0f5835ac3e869
    a570ce23e1dae791e7b8b2f2bcb98c1404273e97c7a1fb972bf0f5835ac3e869.lv
    b5b03165de7c450f5f9793c8b2eb4a364fbd81124a01511f854dd379eef52abb
    b5b03165de7c450f5f9793c8b2eb4a364fbd81124a01511f854dd379eef52abb.rootfs
    bfd17410a8c7fe6397dba3e353a23001243bc43af87acf25544d6b0ab624f9f8
    bfd17410a8c7fe6397dba3e353a23001243bc43af87acf25544d6b0ab624f9f8.rootfs
    d7c16c4fedd3308b5bffdb91f491b8458610c6115d37ace8ba4bcf5c29b23cc6
    d7c16c4fedd3308b5bffdb91f491b8458610c6115d37ace8ba4bcf5c29b23cc6.lv
    d7c16c4fedd3308b5bffdb91f491b8458610c6115d37ace8ba4bcf5c29b23cc6.rootfs
    e12c3c1aed259ce62b4a5e8dc5fe8b92d14d36e611b3beae3f55c94df069eeed
    e12c3c1aed259ce62b4a5e8dc5fe8b92d14d36e611b3beae3f55c94df069eeed.lv
    ff52f536d2896f358bc913d592828ecf1b39fae45e4ee4825930091e8793ac28
    ff52f536d2896f358bc913d592828ecf1b39fae45e4ee4825930091e8793ac28.rootfs
    

    Output from pvs and vgs and -- highly edited for readability -- output from lvs:

      PV         VG   Fmt  Attr PSize   PFree  
      /dev/sda5  dat1 lvm2 a--  931.13g 181.13g
      /dev/sda6  lxd  lvm2 a--    2.56t      0 
    
      VG   #PV #LV #SN Attr   VSize   VFree  
      dat1   1   1   0 wz--n- 931.13g 181.13g
      lxd    1  42   0 wz--n-   2.56t      0 
    
     LV        VG   Attr       LSize   Pool   Origin   Data%  Meta%
     LXDPool  lxd  twi-aotz--   2.56t                   3.91   2.12
     astro3   lxd  Vwi-aotz--  10.00g LXDPool          20.69 
     vault    lxd  Vwi-aotz--  10.00g LXDPool          12.34
     vgate1   lxd  Vwi-a-tz-- 300.00g LXDPool           1.85
     vpn1     lxd  Vwi-aotz-- 300.00g LXDPool           1.88
    

    Data from lxd.db:

    sqlite> select * from storage_pools;
    1|lxd|lvm
    sqlite> select * from storage_pools_config;
    166|1|volume.size|300GB
    167|1|size|21GB
    168|1|source|lxd
    169|1|lvm.thinpool_name|LXDPool
    170|1|lvm.vg_name|lxd
    sqlite> select * from storage_volumes;
    1|astro3|1|0
    sqlite> select * from storage_volumes_config;
    67|1|block.filesystem|ext4
    68|1|size|300GB
    

    It looks somewhat odd to me that host astro3 has an entry in the storage_volumes tables when nothing else does. It does differ in being a privileged container.

    Any help you can provide to get regular access restored will be greatly appreciated. For the moment, the containers continue to provide their services. Let me know if I can provide any other useful data or perform any non-destructive tests.

    opened by sbworth 79
  • Ceph clean

    Ceph clean

    Addresses #6174 You can attach rbd with a command like lxc config device add c1 ceph-rbd1 disk source=ceph:my-pool/my-volume ceph.user_name=admin ceph.cluster_name=ceph path=/ceph

    You can attach a fs with a command like: lxc config device add c1 ceph-fs1 disk source=cephfs:my-fs/some-path ceph.user_name=admin ceph.cluster_name=ceph path=/cephfs

    opened by anusha-paul 78
  • How to access container from the LAN?

    How to access container from the LAN?

    Support you configured your LXD server for remote access and now can manage containers on remote machine. How do you actually run a web server on your container and access it from network?

    First, let's say that your container is able to access the network already through lxcbr0 interface created automatically on host by LXC. But this interface is allocated for NAT (which is for one way connections), so to be able to listen to incoming connections, you need to create another interface like lxcbr0 (called bridge) and link it to the network card (eth0) where you want to listen for incoming stuff.

    So the final setup should be:

    • lxcbr0 - mapped to eth0 on guest - NAT
    • lxcbr1 - mapped to eth1 on guest - LAN that gets address from LAN DHCP and listens for connection

    The target system is Ubuntu 15.10

    opened by techtonik 77
  • How to re-import zfs containers after blitzing the lxd db?

    How to re-import zfs containers after blitzing the lxd db?

    Required information

    • Distribution: 16.04 - 4.8.0-49-generic
    • Distribution version:
    • The output of "lxc info" or if that fails:

    [email protected]:/var/lib/lxd/storage-pools/mirr1tb/containers/strongswan# lxc info config: {} api_extensions:

    • storage_zfs_remove_snapshots
    • container_host_shutdown_timeout
    • container_syscall_filtering
    • auth_pki
    • container_last_used_at
    • etag
    • patch
    • usb_devices
    • https_allowed_credentials
    • image_compression_algorithm
    • directory_manipulation
    • container_cpu_time
    • storage_zfs_use_refquota
    • storage_lvm_mount_options
    • network
    • profile_usedby
    • container_push
    • container_exec_recording
    • certificate_update
    • container_exec_signal_handling
    • gpu_devices
    • container_image_properties
    • migration_progress
    • id_map
    • network_firewall_filtering
    • network_routes
    • storage
    • file_delete
    • file_append
    • network_dhcp_expiry
    • storage_lvm_vg_rename
    • storage_lvm_thinpool_rename
    • network_vlan
    • image_create_aliases
    • container_stateless_copy
    • container_only_migration
    • storage_zfs_clone_copy
    • unix_device_rename
    • storage_lvm_use_thinpool
    • storage_rsync_bwlimit
    • network_vxlan_interface api_status: stable api_version: "1.0" auth: trusted public: false environment: addresses: [] architectures:
      • x86_64
      • i686 certificate: | -----BEGIN CERTIFICATE----- MIIFhzCCA2+gAwIBAgIRAPlQ+Rn7SHqtur/gi1/NGpgwDQYJKoZIhvcNAQELBQAw PTEcMBoGA1UEChMTbGludXhjb250YWluZXJzLm9yZzEdMBsGA1UEAwwUcm9vdEBv cHRpLWJyYW0tc3J2MDEwHhcNMTcwNDMwMTYwMzM4WhcNMjcwNDI4MTYwMzM4WjA9 MRwwGgYDVQQKExNsaW51eGNvbnRhaW5lcnMub3JnMR0wGwYDVQQDDBRyb290QG9w dGktYnJhbS1zcnYwMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKjm dQPNTcmRHS6xWFFx6vnrDporneM9HFOnlv3t6JzuPOU+SYD6swlSiLolDhOHNoof kxLVy2zr5gYSJjuK6u3hJMS7Vkx8WCoeGX+pE/mqlENhsii3jwBK5fSXqiOXI6Ea nHG5bs0PY4jz1lPb6U2gO+lz4UaMRTtXeaylCwNC8u+z+Vu/DWq88K2xd1sruvJK WT348eSg8/yTBVr5HeXWfsr1jdYC2O+AEcni1rYn0V5j7HGZXOqNNR5VRavrzVfc C21uZOHTs5F3x1e29PpflC3eAq6Qpyh8jm9E3BpH35c4hNjUnUmSVlyWk1tqTIJ1 GZ2UtfHpvDl+2cqeanWameJSuNq0nZGlRpSYVhXJszIb9lFa9eH8ibBO3sL4Tn8t Sq1rPzgou3Za9lXnegt8TkypCx8mPSxIlNcHdgfdy0nbKImcnVnIObdf9R9h3hTe MdRedkTReHnEQ0cUMST4JWTo6GWbg11N+VZCCs7cqx5maEfpN+MDSbepP1YO3raO +RzjH7KJMWK2195wEzQvLXFNK/Ci0RBPXS71o4S2HOv8Ru8mM7EQ9jHt2pIpCpRM SFvPISgnlVXwBc2YySvOoHQVqxFIJ+OdQJY1bJchO+vyoQBDHhHZ02uE/ZPFFC6n 0C6ZsU8P3YwiDi7ANC3ioZ2/E9cZXKpz8PyesYznAgMBAAGjgYEwfzAOBgNVHQ8B Af8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDAYDVR0TAQH/BAIwADBKBgNV HREEQzBBgg9vcHRpLWJyYW0tc3J2MDGHBAoKWAqHBKwREGSHBAoKCwqHBAoKxwGH BAo8yAqHBAoKYwGHBKwSAAGHBMCoegEwDQYJKoZIhvcNAQELBQADggIBADcAlg7U FF4qcxp0hh4vXePpsGgGZm+VCdqwNYvMdZ9+3340Lkmu0/Wyvgayj5XN57M1DpkC xbYHW5ElGOE8V2s2RHMYpM/lLSFQ51NhL5/lSs0ZZ5s++JK6mw6pCQoQ0EFLzaXH 5ibQElIo3ztMiDJSIp/QEDI+VXcnPF29Y49UCwd+mimUIdbaV/I0N6ZY3HM4ZnZo jmYg6Hssx22/CiWAoA4pEaCmzv/e2J6Y2a5qj4aAG2jYgYAJRl1BYNG0KY3zV8Cg hCuxKgNdsgsnzR5GYzCUXSy0csJqjcoA4EvUI1NIbDhFs4RJOCOt6dQx3Ta/5A8c D51tDPJTCB4ywGvmZVH4JxT+KmnZG5YlMlfArLd4eyT9GOcThAFjBgJZIgRKtSQS B3OGZEA5XSZnsnr2I2lPCpRmR0dC0coXlLjk9JwSWdcqzYjF3G0dN1Eou5K2m3Wi FBDZRkpv66LVAO/sOq0VWTvwQl5DRxh+9R2xrlaM4iJJE47hKpo3KVLMw1ZfSMKF MqqvOUm+8i7fDOmqHvtkN4p208qYtxS1wpiY6fTcRkbvOTd+2afCoyVvzJn1W8Ea nvz4djbNv7x8mexTht23zAiPYwYP4aaTbcHczkz8nfJoy55hDio11dx3qx9Im2Xs Bzr8cP+MSa/mAD1C+kgClGgmzBAOQhUn5L0f -----END CERTIFICATE----- certificate_fingerprint: 9997e229418451999ec250cf6a0e3bfd61a5c42a5c1c51222c3bc6c8312e4b16 driver: lxc driver_version: 2.0.7 kernel: Linux kernel_architecture: x86_64 kernel_version: 4.8.0-49-generic server: lxd server_pid: 2767 server_version: "2.13" storage: "" storage_version: ""
      • Storage backend in use: ZFS

    Issue description

    Hi,

    I mistakenly uninstalled LXD and I think destroyed the database, now lxd list is showing nothing.

    I still have all my containers zfs storage intact so wondering how to import them into a fresh LXD install.

    Tried a few things related to using "lxc storage" but struggling to actually get the containers back into LXD database.

    Bit of a n00b here, network engineer by trade, trying to dabble in Linux!!!

    Cheers! Jon.

    Steps to reproduce

    1. Step one [email protected]:/var/lib/lxd/storage-pools/mirr1tb/containers/strongswan# lxc list +------+-------+------+------+------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +------+-------+------+------+------+----------

    2. Step two [email protected]:/var/lib/lxd/storage-pools/mirr1tb/containers/strongswan# zpool list NAME SIZE ALLOC FREE EXPANDSZ FRAG CAP DEDUP HEALTH ALTROOT large1-5 1.36T 682G 710G - 38% 48% 1.00x ONLINE - mirr1tb 928G 122G 806G - 6% 13% 1.00x ONLINE - store500 464G 221M 464G - 0% 0% 1.00x ONLINE -

    3. Step three

    Output of zfs list showing the actual storage is still there:

    [email protected]:/var/lib/lxd/storage-pools/mirr1tb/containers/strongswan# zfs list NAME USED AVAIL REFER MOUNTPOINT large1-5 682G 667G 681G /large1-5 mirr1tb 122G 777G 96K none mirr1tb/containers 107G 777G 96K none mirr1tb/containers/ansible 459M 19.6G 860M /var/lib/lxd/storage-pools/mirr1tb/containers/ansible mirr1tb/containers/backup-alpinehub 40.9M 777G 40.9M /var/lib/lxd/storage-pools/mirr1tb/containers/backup-alpinehub mirr1tb/containers/backup-alpinespoke 40.6M 777G 40.6M /var/lib/lxd/storage-pools/mirr1tb/containers/backup-alpinespoke mirr1tb/containers/backup-vmhost-hub1-virl 20.4G 777G 20.4G /var/lib/lxd/storage-pools/mirr1tb/containers/backup-vmhost-hub1-virl mirr1tb/containers/backups 8.85G 71.2G 9.42G /var/lib/lxd/storage-pools/mirr1tb/containers/backups mirr1tb/containers/containers 96K 777G 96K none mirr1tb/containers/custom 192K 777G 96K none mirr1tb/containers/custom/lxdhome 96K 777G 96K /var/lib/lxd/storage-pools/pool1/custom/lxdhome mirr1tb/containers/deleted 96K 777G 96K none mirr1tb/containers/dns 313M 19.7G 821M /var/lib/lxd/storage-pools/mirr1tb/containers/dns mirr1tb/containers/images 96K 777G 96K none mirr1tb/containers/nextcloud 9.79G 10.2G 10.4G /var/lib/lxd/storage-pools/mirr1tb/containers/nextcloud mirr1tb/containers/nzb 34.5G 777G 35.0G /var/lib/lxd/storage-pools/mirr1tb/containers/nzb mirr1tb/containers/openstack2 4.62M 777G 755M /var/lib/lxd/containers/openstack2.zfs mirr1tb/containers/ovpn 22.7M 20.0G 27.9M /var/lib/lxd/storage-pools/mirr1tb/containers/ovpn mirr1tb/containers/plex 3.13G 16.9G 2.71G /var/lib/lxd/storage-pools/mirr1tb/containers/plex mirr1tb/containers/pritunl 1.99G 18.0G 2.09G /var/lib/lxd/storage-pools/mirr1tb/containers/pritunl mirr1tb/containers/smokeping 932M 19.1G 1.31G /var/lib/lxd/storage-pools/mirr1tb/containers/smokeping mirr1tb/containers/strongswan 415M 19.6G 1.00G /var/lib/lxd/storage-pools/mirr1tb/containers/strongswan mirr1tb/containers/unifi 7.13G 12.9G 7.55G /var/lib/lxd/storage-pools/mirr1tb/containers/unifi mirr1tb/containers/unimus 489M 19.5G 1.05G /var/lib/lxd/storage-pools/mirr1tb/containers/unimus mirr1tb/containers/vmhost 16.9G 3.11G 17.3G /var/lib/lxd/storage-pools/mirr1tb/containers/vmhost mirr1tb/containers/vpn-ras 2.11G 7.89G 1.53G /var/lib/lxd/storage-pools/mirr1tb/containers/vpn-ras

    Information to attach

    dmesg.txt

    • [ ] any relevant kernel output (dmesg)
    • [ ] container log (lxc info NAME --show-log)
    • [ ] main daemon log (/var/log/lxd.log)
    • [ ] output of the client with --debug
    • [ ] output of the daemon with --debug
    Bug 
    opened by bodleytunes 74
  • LXD hanging on restart (and snapd seems to love restarting it regularly)

    LXD hanging on restart (and snapd seems to love restarting it regularly)

    Required information

    • Distribution: Ubuntu
    • Distribution version: 18.04
    • The output of "lxc info" or if that fails:
      • Kernel version: 5.3.0-53-generic
      • LXC version: 4.1
      • LXD version: 4.1
      • Storage backend in use: zfs

    Issue description

    snapd is restarting lxd, probably when installing a new version. Yesterday it upgraded it from v3 to v4 and it was hanging for many hours and snapd was spinning on a core. lxd itself was quiesced and unresponsibe to API requests.

    I rebooted and it seemed to cure it. Today again snapd seems to have restarted it overnight and the same thing has happened again If I kill the lxd process it will restart and hang again. The last thing in the lxd log is "Initializing global database".

    Steps to reproduce

    As above.

    Information to attach

    • [ ] Any relevant kernel output (dmesg)
    • [ ] Container log (lxc info NAME --show-log)
    • [ ] Container configuration (lxc config show NAME --expanded)
    • [X] Main daemon log (at /var/log/lxd/lxd.log or /var/snap/lxd/common/lxd/logs/lxd.log)
    • [ ] Output of the client with --debug
    • [ ] Output of the daemon with --debug (alternatively output of lxc monitor while reproducing the issue)
    Incomplete 
    opened by bigjools 69
  • Unaccounted raft node(s) not found in 'nodes' table for heartbeat:

    Unaccounted raft node(s) not found in 'nodes' table for heartbeat:

    Required information

    • Distribution: Ubuntu
    • Distribution version: 19.04

    [email protected]:~# lxc info config: cluster.https_address: 10.233.30.54:8443 core.https_address: 10.233.30.54:8443 core.trust_password: true api_extensions:

    • storage_zfs_remove_snapshots
    • container_host_shutdown_timeout
    • container_stop_priority
    • container_syscall_filtering
    • auth_pki
    • container_last_used_at
    • etag
    • patch
    • usb_devices
    • https_allowed_credentials
    • image_compression_algorithm
    • directory_manipulation
    • container_cpu_time
    • storage_zfs_use_refquota
    • storage_lvm_mount_options
    • network
    • profile_usedby
    • container_push
    • container_exec_recording
    • certificate_update
    • container_exec_signal_handling
    • gpu_devices
    • container_image_properties
    • migration_progress
    • id_map
    • network_firewall_filtering
    • network_routes
    • storage
    • file_delete
    • file_append
    • network_dhcp_expiry
    • storage_lvm_vg_rename
    • storage_lvm_thinpool_rename
    • network_vlan
    • image_create_aliases
    • container_stateless_copy
    • container_only_migration
    • storage_zfs_clone_copy
    • unix_device_rename
    • storage_lvm_use_thinpool
    • storage_rsync_bwlimit
    • network_vxlan_interface
    • storage_btrfs_mount_options
    • entity_description
    • image_force_refresh
    • storage_lvm_lv_resizing
    • id_map_base
    • file_symlinks
    • container_push_target
    • network_vlan_physical
    • storage_images_delete
    • container_edit_metadata
    • container_snapshot_stateful_migration
    • storage_driver_ceph
    • storage_ceph_user_name
    • resource_limits
    • storage_volatile_initial_source
    • storage_ceph_force_osd_reuse
    • storage_block_filesystem_btrfs
    • resources
    • kernel_limits
    • storage_api_volume_rename
    • macaroon_authentication
    • network_sriov
    • console
    • restrict_devlxd
    • migration_pre_copy
    • infiniband
    • maas_network
    • devlxd_events
    • proxy
    • network_dhcp_gateway
    • file_get_symlink
    • network_leases
    • unix_device_hotplug
    • storage_api_local_volume_handling
    • operation_description
    • clustering
    • event_lifecycle
    • storage_api_remote_volume_handling
    • nvidia_runtime
    • container_mount_propagation
    • container_backup
    • devlxd_images
    • container_local_cross_pool_handling
    • proxy_unix
    • proxy_udp
    • clustering_join
    • proxy_tcp_udp_multi_port_handling
    • network_state
    • proxy_unix_dac_properties
    • container_protection_delete
    • unix_priv_drop
    • pprof_http
    • proxy_haproxy_protocol
    • network_hwaddr
    • proxy_nat
    • network_nat_order
    • container_full
    • candid_authentication
    • backup_compression
    • candid_config
    • nvidia_runtime_config
    • storage_api_volume_snapshots
    • storage_unmapped
    • projects
    • candid_config_key
    • network_vxlan_ttl
    • container_incremental_copy
    • usb_optional_vendorid
    • snapshot_scheduling
    • container_copy_project
    • clustering_server_address
    • clustering_image_replication
    • container_protection_shift
    • snapshot_expiry
    • container_backup_override_pool
    • snapshot_expiry_creation
    • network_leases_location
    • resources_cpu_socket
    • resources_gpu
    • resources_numa
    • kernel_features
    • id_map_current
    • event_location
    • storage_api_remote_volume_snapshots
    • network_nat_address
    • container_nic_routes
    • rbac
    • cluster_internal_copy
    • seccomp_notify
    • lxc_features
    • container_nic_ipvlan
    • network_vlan_sriov
    • storage_cephfs
    • container_nic_ipfilter
    • resources_v2
    • container_exec_user_group_cwd
    • container_syscall_intercept
    • container_disk_shift
    • storage_shifted
    • resources_infiniband
    • daemon_storage
    • instances
    • image_types
    • resources_disk_sata
    • clustering_roles
    • images_expiry api_status: stable api_version: "1.0" auth: trusted public: false auth_methods:
    • tls environment: addresses:
      • 10.233.30.54:8443 architectures:
      • x86_64
      • i686 certificate: | -----BEGIN CERTIFICATE----- -----END CERTIFICATE----- certificate_fingerprint: ae10f02e068851f7fd3f808ee6a6452822cc6a6ed11e17f4b3dcccf0d8a9bfad driver: lxc driver_version: 3.2.1 kernel: Linux kernel_architecture: x86_64 kernel_features: netnsid_getifaddrs: "true" seccomp_listener: "true" shiftfs: "false" uevent_injection: "true" unpriv_fscaps: "true" kernel_version: 5.0.0-29-generic lxc_features: mount_injection_file: "true" network_gateway_device_route: "true" network_ipvlan: "true" network_l2proxy: "true" network_phys_macvlan_mtu: "true" seccomp_notify: "true" project: default server: lxd server_clustered: true server_name: cluster-node1 server_pid: 594 server_version: "3.18" storage: dir storage_version: "1"

    Issue description

    When i try to create a cluster in LXD containers I seem to keep running into the below when I try to add the second node

    Oct 14 20:40:30 cluster-node1 lxd.daemon[473]: t=2019-10-14T20:40:30+0000 lvl=eror msg="Unaccounted raft node(s) not found in 'nodes' table for heartbeat: map[10.233.30.169:8443:{ID:2 Address:10.233.30.169:8443}]"
    
    opened by turtle0x1 65
  • go build with github.com/lxc/lxd/client fails

    go build with github.com/lxc/lxd/client fails

    Required information

    • Distribution: Arch
    • Distribution version: rolling
    • The output of "lxc info" or if that fails:
    $ lxc info
    config: {}
    api_extensions:
    - storage_zfs_remove_snapshots
    - container_host_shutdown_timeout
    - container_stop_priority
    - container_syscall_filtering
    - auth_pki
    - container_last_used_at
    - etag
    - patch
    - usb_devices
    - https_allowed_credentials
    - image_compression_algorithm
    - directory_manipulation
    - container_cpu_time
    - storage_zfs_use_refquota
    - storage_lvm_mount_options
    - network
    - profile_usedby
    - container_push
    - container_exec_recording
    - certificate_update
    - container_exec_signal_handling
    - gpu_devices
    - container_image_properties
    - migration_progress
    - id_map
    - network_firewall_filtering
    - network_routes
    - storage
    - file_delete
    - file_append
    - network_dhcp_expiry
    - storage_lvm_vg_rename
    - storage_lvm_thinpool_rename
    - network_vlan
    - image_create_aliases
    - container_stateless_copy
    - container_only_migration
    - storage_zfs_clone_copy
    - unix_device_rename
    - storage_lvm_use_thinpool
    - storage_rsync_bwlimit
    - network_vxlan_interface
    - storage_btrfs_mount_options
    - entity_description
    - image_force_refresh
    - storage_lvm_lv_resizing
    - id_map_base
    - file_symlinks
    - container_push_target
    - network_vlan_physical
    - storage_images_delete
    - container_edit_metadata
    - container_snapshot_stateful_migration
    - storage_driver_ceph
    - storage_ceph_user_name
    - resource_limits
    - storage_volatile_initial_source
    - storage_ceph_force_osd_reuse
    - storage_block_filesystem_btrfs
    - resources
    - kernel_limits
    - storage_api_volume_rename
    - macaroon_authentication
    - network_sriov
    - console
    - restrict_devlxd
    - migration_pre_copy
    - infiniband
    - maas_network
    - devlxd_events
    - proxy
    - network_dhcp_gateway
    - file_get_symlink
    - network_leases
    - unix_device_hotplug
    - storage_api_local_volume_handling
    - operation_description
    - clustering
    - event_lifecycle
    - storage_api_remote_volume_handling
    - nvidia_runtime
    - container_mount_propagation
    - container_backup
    - devlxd_images
    - container_local_cross_pool_handling
    - proxy_unix
    - proxy_udp
    - clustering_join
    - proxy_tcp_udp_multi_port_handling
    - network_state
    - proxy_unix_dac_properties
    - container_protection_delete
    - unix_priv_drop
    - pprof_http
    - proxy_haproxy_protocol
    - network_hwaddr
    - proxy_nat
    - network_nat_order
    - container_full
    - candid_authentication
    - backup_compression
    - candid_config
    - nvidia_runtime_config
    - storage_api_volume_snapshots
    - storage_unmapped
    - projects
    - candid_config_key
    - network_vxlan_ttl
    - container_incremental_copy
    - usb_optional_vendorid
    - snapshot_scheduling
    - snapshot_schedule_aliases
    - container_copy_project
    - clustering_server_address
    - clustering_image_replication
    - container_protection_shift
    - snapshot_expiry
    - container_backup_override_pool
    - snapshot_expiry_creation
    - network_leases_location
    - resources_cpu_socket
    - resources_gpu
    - resources_numa
    - kernel_features
    - id_map_current
    - event_location
    - storage_api_remote_volume_snapshots
    - network_nat_address
    - container_nic_routes
    - rbac
    - cluster_internal_copy
    - seccomp_notify
    - lxc_features
    - container_nic_ipvlan
    - network_vlan_sriov
    - storage_cephfs
    - container_nic_ipfilter
    - resources_v2
    - container_exec_user_group_cwd
    - container_syscall_intercept
    - container_disk_shift
    - storage_shifted
    - resources_infiniband
    - daemon_storage
    - instances
    - image_types
    - resources_disk_sata
    - clustering_roles
    - images_expiry
    - resources_network_firmware
    - backup_compression_algorithm
    - ceph_data_pool_name
    - container_syscall_intercept_mount
    - compression_squashfs
    - container_raw_mount
    - container_nic_routed
    - container_syscall_intercept_mount_fuse
    - container_disk_ceph
    - virtual-machines
    - image_profiles
    - clustering_architecture
    - resources_disk_id
    - storage_lvm_stripes
    - vm_boot_priority
    - unix_hotplug_devices
    - api_filtering
    - instance_nic_network
    - clustering_sizing
    - firewall_driver
    - projects_limits
    - container_syscall_intercept_hugetlbfs
    - limits_hugepages
    - container_nic_routed_gateway
    - projects_restrictions
    - custom_volume_snapshot_expiry
    - volume_snapshot_scheduling
    - trust_ca_certificates
    - snapshot_disk_usage
    - clustering_edit_roles
    - container_nic_routed_host_address
    - container_nic_ipvlan_gateway
    - resources_usb_pci
    - resources_cpu_threads_numa
    - resources_cpu_core_die
    - api_os
    - container_nic_routed_host_table
    - container_nic_ipvlan_host_table
    - container_nic_ipvlan_mode
    - resources_system
    - images_push_relay
    - network_dns_search
    - container_nic_routed_limits
    - instance_nic_bridged_vlan
    - network_state_bond_bridge
    - usedby_consistency
    - custom_block_volumes
    - clustering_failure_domains
    - resources_gpu_mdev
    - console_vga_type
    - projects_limits_disk
    - network_type_macvlan
    - network_type_sriov
    - container_syscall_intercept_bpf_devices
    - network_type_ovn
    - projects_networks
    - projects_networks_restricted_uplinks
    - custom_volume_backup
    - backup_override_name
    - storage_rsync_compression
    - network_type_physical
    - network_ovn_external_subnets
    - network_ovn_nat
    - network_ovn_external_routes_remove
    - tpm_device_type
    - storage_zfs_clone_copy_rebase
    - gpu_mdev
    - resources_pci_iommu
    - resources_network_usb
    - resources_disk_address
    - network_physical_ovn_ingress_mode
    - network_ovn_dhcp
    - network_physical_routes_anycast
    - projects_limits_instances
    - network_state_vlan
    - instance_nic_bridged_port_isolation
    - instance_bulk_state_change
    - network_gvrp
    - instance_pool_move
    - gpu_sriov
    - pci_device_type
    - storage_volume_state
    - network_acl
    - migration_stateful
    - disk_state_quota
    - storage_ceph_features
    - projects_compression
    - projects_images_remote_cache_expiry
    - certificate_project
    - network_ovn_acl
    - projects_images_auto_update
    - projects_restricted_cluster_target
    - images_default_architecture
    - network_ovn_acl_defaults
    - gpu_mig
    - project_usage
    - network_bridge_acl
    - warnings
    - projects_restricted_backups_and_snapshots
    - clustering_join_token
    - clustering_description
    - server_trusted_proxy
    - clustering_update_cert
    - storage_api_project
    - server_instance_driver_operational
    - server_supported_storage_drivers
    - event_lifecycle_requestor_address
    - resources_gpu_usb
    - clustering_evacuation
    - network_ovn_nat_address
    - network_bgp
    - network_forward
    - custom_volume_refresh
    - network_counters_errors_dropped
    - metrics
    - image_source_project
    - clustering_config
    - network_peer
    - linux_sysctl
    - network_dns
    - ovn_nic_acceleration
    - certificate_self_renewal
    - instance_project_move
    - storage_volume_project_move
    - cloud_init
    - network_dns_nat
    - database_leader
    - instance_all_projects
    - clustering_groups
    - ceph_rbd_du
    - instance_get_full
    - qemu_metrics
    - gpu_mig_uuid
    - event_project
    - clustering_evacuation_live
    - instance_allow_inconsistent_copy
    - network_state_ovn
    - storage_volume_api_filtering
    - image_restrictions
    - storage_zfs_export
    - network_dns_records
    - storage_zfs_reserve_space
    - network_acl_log
    - storage_zfs_blocksize
    - metrics_cpu_seconds
    - instance_snapshot_never
    - certificate_token
    - instance_nic_routed_neighbor_probe
    - event_hub
    - agent_nic_config
    - projects_restricted_intercept
    - metrics_authentication
    - images_target_project
    - cluster_migration_inconsistent_copy
    - cluster_ovn_chassis
    - container_syscall_intercept_sched_setscheduler
    - storage_lvm_thinpool_metadata_size
    - storage_volume_state_total
    - instance_file_head
    - instances_nic_host_name
    - image_copy_profile
    - container_syscall_intercept_sysinfo
    - clustering_evacuation_mode
    - resources_pci_vpd
    - qemu_raw_conf
    - storage_cephfs_fscache
    - network_load_balancer
    - vsock_api
    api_status: stable
    api_version: "1.0"
    auth: trusted
    public: false
    auth_methods:
    - tls
    environment:
      addresses: []
      architectures:
      - x86_64
      - i686
      certificate: |
        -----BEGIN CERTIFICATE-----
        MIICADCCAYagAwIBAgIQf1raJ/DUr5gZUP4I8/RC8zAKBggqhkjOPQQDAzAzMRww
        GgYDVQQKExNsaW51eGNvbnRhaW5lcnMub3JnMRMwEQYDVQQDDApyb290QHJ5emVu
        MB4XDTIxMDgwNjE3MDkwNFoXDTMxMDgwNDE3MDkwNFowMzEcMBoGA1UEChMTbGlu
        dXhjb250YWluZXJzLm9yZzETMBEGA1UEAwwKcm9vdEByeXplbjB2MBAGByqGSM49
        AgEGBSuBBAAiA2IABFhVaOkrfLXCW8i+lalID3mt9sO5BqVKoFaL35Gxqyd7HY7r
        QVQj0XGc5iEOnVoqo23p+0aCII41XqFFsl2FMOomf6kyNz8LMQu1TtvjhQ61Mc6l
        Lt6JTi7GYyGj//VmHaNfMF0wDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsG
        AQUFBwMBMAwGA1UdEwEB/wQCMAAwKAYDVR0RBCEwH4IFcnl6ZW6HBH8AAAGHEAAA
        AAAAAAAAAAAAAAAAAAEwCgYIKoZIzj0EAwMDaAAwZQIwXZ3lET9aY+uSLdENC+jc
        0b58a7+7tSG6TskehTkw6bqYTVVEWu5qa5wFjDxm8vpkAjEArkIBgpweQgfczZWL
        vFzdimVxTeW8ZpFtt8rycVxhfHvi+yIzgYCypxa2aIq1lKqJ
        -----END CERTIFICATE-----
      certificate_fingerprint: 4b2849495c444c8fded80990e84d40fc35912980e525e85a45efaf623b69d4f5
      driver: qemu | lxc
      driver_version: 7.0.0 | 5.0.1
      firewall: nftables
      kernel: Linux
      kernel_architecture: x86_64
      kernel_features:
        idmapped_mounts: "true"
        netnsid_getifaddrs: "true"
        seccomp_listener: "true"
        seccomp_listener_continue: "true"
        shiftfs: "false"
        uevent_injection: "true"
        unpriv_fscaps: "true"
      kernel_version: 5.18.15-arch1-2
      lxc_features:
        cgroup2: "true"
        core_scheduling: "true"
        devpts_fd: "true"
        idmapped_mounts_v2: "true"
        mount_injection_file: "true"
        network_gateway_device_route: "true"
        network_ipvlan: "true"
        network_l2proxy: "true"
        network_phys_macvlan_mtu: "true"
        network_veth_router: "true"
        pidfd: "true"
        seccomp_allow_deny_syntax: "true"
        seccomp_notify: "true"
        seccomp_proxy_send_notify_fd: "true"
      os_name: Arch Linux
      os_version: ""
      project: default
      server: lxd
      server_clustered: false
      server_event_mode: full-mesh
      server_name: ryzen
      server_pid: 97797
      server_version: "5.4"
      storage: btrfs
      storage_version: 5.18.1
      storage_supported_drivers:
      - name: dir
        version: "1"
        remote: false
      - name: lvm
        version: 2.03.16(2) (2022-05-18) / 1.02.185 (2022-05-18) / 4.46.0
        remote: false
      - name: btrfs
        version: 5.18.1
        remote: false
    
    • Storage backend in use: btrfs

    Issue description

    Any import of the lxd client results in errors during build:

    package main
    
    import _ "github.com/lxc/lxd/client"
    
    func main() {
    }
    
    $ go build
    # github.com/lxc/lxd/shared
    In file included from ../go/pkg/mod/github.com/lxc/[email protected]/shared/util_linux_cgo.go:35:
    ./../lxd/include/syscall_wrappers.h:30:19: error: static declaration of 'open_tree' follows non-static declaration
       30 | static inline int open_tree(int dfd, const char *filename, unsigned int flags)
          |                   ^~~~~~~~~
    In file included from ./../lxd/include/macro.h:33,
                     from ./../lxd/include/memory_utils.h:11,
                     from ./../lxd/include/process_utils.h:18,
                     from ../go/pkg/mod/github.com/lxc/[email protected]/shared/util_linux_cgo.go:34:
    /usr/include/sys/mount.h:253:12: note: previous declaration of 'open_tree' with type 'int(int,  const char *, unsigned int)'
      253 | extern int open_tree (int __dfd, const char *__filename, unsigned int __flags)
          |            ^~~~~~~~~
    ./../lxd/include/syscall_wrappers.h:45:19: error: conflicting types for 'mount_setattr'; have 'int(int,  const char *, unsigned int,  struct lxc_mount_attr *, size_t)' {aka 'int(int,  const char *, unsigned int,  struct lxc_mount_attr *, long unsigned int)'}
       45 | static inline int mount_setattr(int dfd, const char *path, unsigned int flags,
          |                   ^~~~~~~~~~~~~
    /usr/include/sys/mount.h:261:12: note: previous declaration of 'mount_setattr' with type 'int(int,  const char *, unsigned int,  struct mount_attr *, size_t)' {aka 'int(int,  const char *, unsigned int,  struct mount_attr *, long unsigned int)'}
      261 | extern int mount_setattr (int __dfd, const char *__path, unsigned int __flags,
          |            ^~~~~~~~~~~~~
    ./../lxd/include/syscall_wrappers.h:51:19: error: static declaration of 'move_mount' follows non-static declaration
       51 | static inline int move_mount(int from_dfd, const char *from_pathname, int to_dfd,
          |                   ^~~~~~~~~~
    /usr/include/sys/mount.h:239:12: note: previous declaration of 'move_mount' with type 'int(int,  const char *, int,  const char *, unsigned int)'
      239 | extern int move_mount (int __from_dfd, const char *__from_pathname,
          |            ^~~~~~~~~~
    

    Steps to reproduce

    1. Use the example go file above
    2. Run go build
    3. Note the errors

    Information to attach

    • [ ] Any relevant kernel output (dmesg)
    • [ ] Container log (lxc info NAME --show-log)
    • [ ] Container configuration (lxc config show NAME --expanded)
    • [ ] Main daemon log (at /var/log/lxd/lxd.log or /var/snap/lxd/common/lxd/logs/lxd.log)
    • [ ] Output of the client with --debug
    • [ ] Output of the daemon with --debug (alternatively output of lxc monitor while reproducing the issue)
    Incomplete 
    opened by powersj 2
  • Error: Failed to retrieve PID of executing child process

    Error: Failed to retrieve PID of executing child process

    LXD v4.16 on ZFS 5.13.0-30-generic Ubuntu 20.04.2 LTS

    Now, this may be due to the relatively "old" LXD version on this system, but the only reference I can find to this issue is much much older than that - https://discuss.linuxcontainers.org/t/error-failed-to-retrieve-pid-of-executing-child-process/10547/31 - and I suspect something "more" or different is going on here in my case.

    Now, this container had been running happily right until a lxc stop --force operation hung. After which the container is stuck in the RUNNING state and any interaction with lxc exec results in the above error message and it cannot be killed. Maybe something inside the container is just hung, preventing it from shutting down properly, and thus resulting in this error which is really just a secondary symptom of the container being hung?

    I have refrained from touching this system further as I want you to see the current failed state.

    # lxc exec server2b bash
    Error: Failed to retrieve PID of executing child process
    # lxc stop --force server2b
    *hangs*
    
    # lxc info --show-log server2b
    Name: server2b
    Location: none
    Remote: unix://
    Architecture: x86_64
    Created: 2022/08/01 03:25 UTC
    Status: Running
    Type: container
    Profiles: webdocknano4-2022
    Pid: 2643924
    Resources:
      Processes: 23
      Disk usage:
        root: 16.83GB
      CPU usage:
        CPU usage (in seconds): 2498
      Memory usage:
        Memory (current): 282.64MB
        Memory (peak): 2.00GB
    
    Log:
    
    lxc server2b 20220801040421.214 WARN     conf - conf.c:lxc_map_ids:3389 - newuidmap binary is missing
    lxc server2b 20220801040421.214 WARN     conf - conf.c:lxc_map_ids:3395 - newgidmap binary is missing
    lxc server2b 20220801040421.218 WARN     conf - conf.c:lxc_map_ids:3389 - newuidmap binary is missing
    lxc server2b 20220801040421.218 WARN     conf - conf.c:lxc_map_ids:3395 - newgidmap binary is missing
    lxc server2b 20220801040421.219 WARN     cgfsng - cgroups/cgfsng.c:fchowmodat:1293 - No such file or directory - Failed to fchownat(45, memory.oom.group, 1000000000, 0, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW )
    lxc server2b 20220801040456.780 WARN     conf - conf.c:lxc_map_ids:3389 - newuidmap binary is missing
    lxc server2b 20220801040456.780 WARN     conf - conf.c:lxc_map_ids:3395 - newgidmap binary is missing
    lxc server2b 20220801040457.780 WARN     conf - conf.c:lxc_map_ids:3389 - newuidmap binary is missing
    lxc server2b 20220801040457.780 WARN     conf - conf.c:lxc_map_ids:3395 - newgidmap binary is missing
    --> This repeats for many many lines but is "normal" as far as I am aware
    
    lxc server2b 20220802073305.976 WARN     conf - conf.c:lxc_map_ids:3389 - newuidmap binary is missing
    lxc server2b 20220802073305.976 WARN     conf - conf.c:lxc_map_ids:3395 - newgidmap binary is missing
    lxc server2b 20220802073305.977 ERROR    attach - attach.c:lxc_attach:1571 - Cannot allocate memory - Failed to clone attached process
    lxc server2b 20220802073306.889 WARN     conf - conf.c:lxc_map_ids:3389 - newuidmap binary is missing
    lxc server2b 20220802073306.889 WARN     conf - conf.c:lxc_map_ids:3395 - newgidmap binary is missing
    lxc server2b 20220802073306.890 ERROR    attach - attach.c:lxc_attach:1571 - Cannot allocate memory - Failed to clone attached process
    --> This block then with the alloc memory message repeats many times. I think this is just from whenever we tried to run lxc exec and is just the log entry for "failed to retrieve PID" message..?
    
    opened by webdock-io 0
  • TestGetAllXattr failing due to llistxattr() returning different lengths

    TestGetAllXattr failing due to llistxattr() returning different lengths

    • Distribution: Debian
    • Distribution version: sid
    • LXD version: 5.0.0 LTS
    • Go version: 1.18.4

    This issue was discovered by another individual while reviewing the Debian LXD packaging and is reproducible in Debian's CI pipeline, but I have not been able to reproduce it myself locally.

    When the tests are run, TestGetAllXattr fails:

    === RUN   TestGetAllXattr
        util_linux_test.go:79: numerical result out of range
    --- FAIL: TestGetAllXattr (0.00s)
    

    Adding some additional debugging output, I can see that for whatever reason the initial reported length of the extended attributes for the directory created (but not the file) is unexpectedly 23 bytes longer than it really is which causes the buffer to be padded with NULLs at the end:

    === RUN   TestGetAllXattr
    I got pre=37 and post=37
    00000000  75 73 65 72 2e 63 68 65  63 6b 73 75 6d 00 75 73  |user.checksum.us|
    00000010  65 72 2e 72 61 6e 64 6f  6d 00 75 73 65 72 2e 65  |er.random.user.e|
    00000020  6d 70 74 79 00                                    |mpty.|
    I split into 3 strings
    xattr -> user.checksum
    xattr -> user.random
    xattr -> user.empty
    I got pre=60 and post=37
    00000000  75 73 65 72 2e 63 68 65  63 6b 73 75 6d 00 75 73  |user.checksum.us|
    00000010  65 72 2e 65 6d 70 74 79  00 75 73 65 72 2e 72 61  |er.empty.user.ra|
    00000020  6e 64 6f 6d 00 00 00 00  00 00 00 00 00 00 00 00  |ndom............|
    00000030  00 00 00 00 00 00 00 00  00 00 00 00              |............|
    I split into 26 strings
    xattr -> user.checksum
    xattr -> user.empty
    xattr -> user.random
    xattr -> 
        util_linux_test.go:79: numerical result out of range
    --- FAIL: TestGetAllXattr (0.00s)
    

    If I make a slice of the buffer to truncate the excess NULLs with the following one line change, then the test passes:

    diff --git a/shared/util_linux.go b/shared/util_linux.go
    index 24cbed542..cbdfd3384 100644
    --- a/shared/util_linux.go
    +++ b/shared/util_linux.go
    @@ -115,7 +115,7 @@ func GetAllXattr(path string) (xattrs map[string]string, err error) {
                    return nil, fmt.Errorf("Extended attribute list size increased from %d to %d during retrieval", pre, post)
            }
     
    -       split := strings.Split(string(dest), "\x00")
    +       split := strings.Split(string(dest[:post]), "\x00")
            if split == nil {
                    return nil, fmt.Errorf("No valid extended attribute key found")
            }
    
    === RUN   TestGetAllXattr
    I got pre=37 and post=37
    00000000  75 73 65 72 2e 65 6d 70  74 79 00 75 73 65 72 2e  |user.empty.user.|
    00000010  63 68 65 63 6b 73 75 6d  00 75 73 65 72 2e 72 61  |checksum.user.ra|
    00000020  6e 64 6f 6d 00                                    |ndom.|
    00000000  75 73 65 72 2e 65 6d 70  74 79 00 75 73 65 72 2e  |user.empty.user.|
    00000010  63 68 65 63 6b 73 75 6d  00 75 73 65 72 2e 72 61  |checksum.user.ra|
    00000020  6e 64 6f 6d 00                                    |ndom.|
    I split into 3 strings
    xattr -> user.empty
    xattr -> user.checksum
    xattr -> user.random
    I got pre=60 and post=37
    00000000  75 73 65 72 2e 65 6d 70  74 79 00 75 73 65 72 2e  |user.empty.user.|
    00000010  72 61 6e 64 6f 6d 00 75  73 65 72 2e 63 68 65 63  |random.user.chec|
    00000020  6b 73 75 6d 00 00 00 00  00 00 00 00 00 00 00 00  |ksum............|
    00000030  00 00 00 00 00 00 00 00  00 00 00 00              |............|
    00000000  75 73 65 72 2e 65 6d 70  74 79 00 75 73 65 72 2e  |user.empty.user.|
    00000010  72 61 6e 64 6f 6d 00 75  73 65 72 2e 63 68 65 63  |random.user.chec|
    00000020  6b 73 75 6d 00                                    |ksum.|
    I split into 3 strings
    xattr -> user.empty
    xattr -> user.random
    xattr -> user.checksum
    --- PASS: TestGetAllXattr (0.00s)
    

    However, I don't know if that's a safe thing to do because I don't understand what's causing the initial call to llistxattr() to return a longer length than the actual data.

    I've tried to reproduce this locally, but haven't been able to do so. I have tried running the test directly on a physical machine, within a LXD container, and within a docker container. I have tried with /tmp/ mounted on ext4, zfs, and overlay filesystems. When /tmp/ is mounted with noxattr or as tmpfs, the test correctly short-circuits out and passes.

    This is being seen in LXD 5.0.0 LTS; I've looked at the git history for shared/util_linux.go since that release and don't see anything that I think would affect this behavior. Since I can't reproduce this locally I haven't been able to try building the master branch of LXD to confirm that. If anyone is able to share steps to reproduce or give suggestions on what I could try, I'd appreciate it!

    Bug 
    opened by gibmat 1
  • image unpack fails when `gzip` is a symlink

    image unpack fails when `gzip` is a symlink

    Required information

    • Distribution: Alpine
    • Distribution version: edge
    • The output of "lxc info":
    config: {}
    api_extensions:
    - storage_zfs_remove_snapshots
    - container_host_shutdown_timeout
    - container_stop_priority
    - container_syscall_filtering
    - auth_pki
    - container_last_used_at
    - etag
    - patch
    - usb_devices
    - https_allowed_credentials
    - image_compression_algorithm
    - directory_manipulation
    - container_cpu_time
    - storage_zfs_use_refquota
    - storage_lvm_mount_options
    - network
    - profile_usedby
    - container_push
    - container_exec_recording
    - certificate_update
    - container_exec_signal_handling
    - gpu_devices
    - container_image_properties
    - migration_progress
    - id_map
    - network_firewall_filtering
    - network_routes
    - storage
    - file_delete
    - file_append
    - network_dhcp_expiry
    - storage_lvm_vg_rename
    - storage_lvm_thinpool_rename
    - network_vlan
    - image_create_aliases
    - container_stateless_copy
    - container_only_migration
    - storage_zfs_clone_copy
    - unix_device_rename
    - storage_lvm_use_thinpool
    - storage_rsync_bwlimit
    - network_vxlan_interface
    - storage_btrfs_mount_options
    - entity_description
    - image_force_refresh
    - storage_lvm_lv_resizing
    - id_map_base
    - file_symlinks
    - container_push_target
    - network_vlan_physical
    - storage_images_delete
    - container_edit_metadata
    - container_snapshot_stateful_migration
    - storage_driver_ceph
    - storage_ceph_user_name
    - resource_limits
    - storage_volatile_initial_source
    - storage_ceph_force_osd_reuse
    - storage_block_filesystem_btrfs
    - resources
    - kernel_limits
    - storage_api_volume_rename
    - macaroon_authentication
    - network_sriov
    - console
    - restrict_devlxd
    - migration_pre_copy
    - infiniband
    - maas_network
    - devlxd_events
    - proxy
    - network_dhcp_gateway
    - file_get_symlink
    - network_leases
    - unix_device_hotplug
    - storage_api_local_volume_handling
    - operation_description
    - clustering
    - event_lifecycle
    - storage_api_remote_volume_handling
    - nvidia_runtime
    - container_mount_propagation
    - container_backup
    - devlxd_images
    - container_local_cross_pool_handling
    - proxy_unix
    - proxy_udp
    - clustering_join
    - proxy_tcp_udp_multi_port_handling
    - network_state
    - proxy_unix_dac_properties
    - container_protection_delete
    - unix_priv_drop
    - pprof_http
    - proxy_haproxy_protocol
    - network_hwaddr
    - proxy_nat
    - network_nat_order
    - container_full
    - candid_authentication
    - backup_compression
    - candid_config
    - nvidia_runtime_config
    - storage_api_volume_snapshots
    - storage_unmapped
    - projects
    - candid_config_key
    - network_vxlan_ttl
    - container_incremental_copy
    - usb_optional_vendorid
    - snapshot_scheduling
    - snapshot_schedule_aliases
    - container_copy_project
    - clustering_server_address
    - clustering_image_replication
    - container_protection_shift
    - snapshot_expiry
    - container_backup_override_pool
    - snapshot_expiry_creation
    - network_leases_location
    - resources_cpu_socket
    - resources_gpu
    - resources_numa
    - kernel_features
    - id_map_current
    - event_location
    - storage_api_remote_volume_snapshots
    - network_nat_address
    - container_nic_routes
    - rbac
    - cluster_internal_copy
    - seccomp_notify
    - lxc_features
    - container_nic_ipvlan
    - network_vlan_sriov
    - storage_cephfs
    - container_nic_ipfilter
    - resources_v2
    - container_exec_user_group_cwd
    - container_syscall_intercept
    - container_disk_shift
    - storage_shifted
    - resources_infiniband
    - daemon_storage
    - instances
    - image_types
    - resources_disk_sata
    - clustering_roles
    - images_expiry
    - resources_network_firmware
    - backup_compression_algorithm
    - ceph_data_pool_name
    - container_syscall_intercept_mount
    - compression_squashfs
    - container_raw_mount
    - container_nic_routed
    - container_syscall_intercept_mount_fuse
    - container_disk_ceph
    - virtual-machines
    - image_profiles
    - clustering_architecture
    - resources_disk_id
    - storage_lvm_stripes
    - vm_boot_priority
    - unix_hotplug_devices
    - api_filtering
    - instance_nic_network
    - clustering_sizing
    - firewall_driver
    - projects_limits
    - container_syscall_intercept_hugetlbfs
    - limits_hugepages
    - container_nic_routed_gateway
    - projects_restrictions
    - custom_volume_snapshot_expiry
    - volume_snapshot_scheduling
    - trust_ca_certificates
    - snapshot_disk_usage
    - clustering_edit_roles
    - container_nic_routed_host_address
    - container_nic_ipvlan_gateway
    - resources_usb_pci
    - resources_cpu_threads_numa
    - resources_cpu_core_die
    - api_os
    - container_nic_routed_host_table
    - container_nic_ipvlan_host_table
    - container_nic_ipvlan_mode
    - resources_system
    - images_push_relay
    - network_dns_search
    - container_nic_routed_limits
    - instance_nic_bridged_vlan
    - network_state_bond_bridge
    - usedby_consistency
    - custom_block_volumes
    - clustering_failure_domains
    - resources_gpu_mdev
    - console_vga_type
    - projects_limits_disk
    - network_type_macvlan
    - network_type_sriov
    - container_syscall_intercept_bpf_devices
    - network_type_ovn
    - projects_networks
    - projects_networks_restricted_uplinks
    - custom_volume_backup
    - backup_override_name
    - storage_rsync_compression
    - network_type_physical
    - network_ovn_external_subnets
    - network_ovn_nat
    - network_ovn_external_routes_remove
    - tpm_device_type
    - storage_zfs_clone_copy_rebase
    - gpu_mdev
    - resources_pci_iommu
    - resources_network_usb
    - resources_disk_address
    - network_physical_ovn_ingress_mode
    - network_ovn_dhcp
    - network_physical_routes_anycast
    - projects_limits_instances
    - network_state_vlan
    - instance_nic_bridged_port_isolation
    - instance_bulk_state_change
    - network_gvrp
    - instance_pool_move
    - gpu_sriov
    - pci_device_type
    - storage_volume_state
    - network_acl
    - migration_stateful
    - disk_state_quota
    - storage_ceph_features
    - projects_compression
    - projects_images_remote_cache_expiry
    - certificate_project
    - network_ovn_acl
    - projects_images_auto_update
    - projects_restricted_cluster_target
    - images_default_architecture
    - network_ovn_acl_defaults
    - gpu_mig
    - project_usage
    - network_bridge_acl
    - warnings
    - projects_restricted_backups_and_snapshots
    - clustering_join_token
    - clustering_description
    - server_trusted_proxy
    - clustering_update_cert
    - storage_api_project
    - server_instance_driver_operational
    - server_supported_storage_drivers
    - event_lifecycle_requestor_address
    - resources_gpu_usb
    - clustering_evacuation
    - network_ovn_nat_address
    - network_bgp
    - network_forward
    - custom_volume_refresh
    - network_counters_errors_dropped
    - metrics
    - image_source_project
    - clustering_config
    - network_peer
    - linux_sysctl
    - network_dns
    - ovn_nic_acceleration
    - certificate_self_renewal
    - instance_project_move
    - storage_volume_project_move
    - cloud_init
    - network_dns_nat
    - database_leader
    - instance_all_projects
    - clustering_groups
    - ceph_rbd_du
    - instance_get_full
    - qemu_metrics
    - gpu_mig_uuid
    - event_project
    - clustering_evacuation_live
    - instance_allow_inconsistent_copy
    - network_state_ovn
    - storage_volume_api_filtering
    - image_restrictions
    - storage_zfs_export
    - network_dns_records
    - storage_zfs_reserve_space
    - network_acl_log
    - storage_zfs_blocksize
    - metrics_cpu_seconds
    - instance_snapshot_never
    - certificate_token
    - instance_nic_routed_neighbor_probe
    - event_hub
    - agent_nic_config
    - projects_restricted_intercept
    - metrics_authentication
    - images_target_project
    - cluster_migration_inconsistent_copy
    - cluster_ovn_chassis
    - container_syscall_intercept_sched_setscheduler
    - storage_lvm_thinpool_metadata_size
    - storage_volume_state_total
    - instance_file_head
    - instances_nic_host_name
    - image_copy_profile
    - container_syscall_intercept_sysinfo
    - clustering_evacuation_mode
    - resources_pci_vpd
    api_status: stable
    api_version: "1.0"
    auth: trusted
    public: false
    auth_methods:
    - tls
    environment:
      addresses: []
      architectures:
      - aarch64
      - armv7l
      certificate: REDACTED
      certificate_fingerprint: REDACTED
      driver: lxc | qemu
      driver_version: 4.0.12 | 7.0.0
      firewall: nftables
      kernel: Linux
      kernel_architecture: aarch64
      kernel_features:
        idmapped_mounts: "true"
        netnsid_getifaddrs: "true"
        seccomp_listener: "true"
        seccomp_listener_continue: "true"
        shiftfs: "false"
        uevent_injection: "true"
        unpriv_fscaps: "true"
      kernel_version: 5.15.57-0-lts
      lxc_features:
        cgroup2: "true"
        core_scheduling: "true"
        devpts_fd: "true"
        idmapped_mounts_v2: "true"
        mount_injection_file: "true"
        network_gateway_device_route: "true"
        network_ipvlan: "true"
        network_l2proxy: "true"
        network_phys_macvlan_mtu: "true"
        network_veth_router: "true"
        pidfd: "true"
        seccomp_allow_deny_syntax: "true"
        seccomp_notify: "true"
        seccomp_proxy_send_notify_fd: "true"
      os_name: Alpine Linux
      os_version: 3.17_alpha20220715
      project: default
      server: lxd
      server_clustered: false
      server_event_mode: full-mesh
      server_name: router
      server_pid: 3203
      server_version: "5.2"
      storage: btrfs | zfs
      storage_version: 5.18.1 | 2.1.5-1
      storage_supported_drivers:
      - name: btrfs
        version: 5.18.1
        remote: false
      - name: dir
        version: "1"
        remote: false
      - name: zfs
        version: 2.1.5-1
        remote: false
    

    Issue description

    On Alpine, gzip is a symlink:

    # ls -lah /bin/gzip
    lrwxrwxrwx    1 root     root          12 Aug  1 19:45 /bin/gzip -> /bin/busybox
    

    LXD doesn't resolve that path to add it to the apparmor profile so lxc launch fails with:

    Error: Failed instance creation: Failed creating instance from image: Unpack failed: Process exited with non-zero value 2
    

    lxd.log:

    level=warning msg="Unpack failed" allowedCmds="[gzip]" err="Process exited with non-zero value 2" extension=.tar.gz file=/var/lib/lxd/images/68d9d65b9225e2dce3c30fef34f7e1671f61e1c87d6649cb19b9900877c19017 path=/var/lib/lxd/storage-pools/default/images/68d9d65b9225e2dce3c30fef34f7e1671f61e1c87d6649cb19b9900877c19017
    

    dmesg:

    [ 4212.393157] audit: type=1400 audit(1659419741.945:19): apparmor="STATUS" operation="profile_load" profile="unconfined" name="lxd_archive-var-lib-lxd-storage-pools-default-images-68d9d65b9225e2dce3c30fef34f7e1671f61e1c87d6649cb19b9900877c19017" pid=23838 comm="apparmor_parser"
    [ 4212.406122] audit: type=1400 audit(1659419741.958:20): apparmor="DENIED" operation="exec" profile="lxd_archive-var-lib-lxd-storage-pools-default-images-68d9d65b9225e2dce3c30fef34f7e1671f61e1c87d6649cb19b9900877c19017" name="/bin/busybox" pid=23841 comm="tar" requested_mask="x" denied_mask="x" fsuid=0 ouid=0
    [ 4212.406524] audit: type=1400 audit(1659419741.958:21): apparmor="DENIED" operation="exec" profile="lxd_archive-var-lib-lxd-storage-pools-default-images-68d9d65b9225e2dce3c30fef34f7e1671f61e1c87d6649cb19b9900877c19017" name="/bin/busybox" pid=23841 comm="tar" requested_mask="x" denied_mask="x" fsuid=0 ouid=0
    [ 4213.314076] audit: type=1400 audit(1659419742.868:22): apparmor="STATUS" operation="profile_remove" profile="unconfined" name="lxd_archive-var-lib-lxd-storage-pools-default-images-68d9d65b9225e2dce3c30fef34f7e1671f61e1c87d6649cb19b9900877c19017" pid=23843 comm="apparmor_parser"
    

    Steps to reproduce

    I don't expect you you reproduce my alpine setup, so here's untested steps that should reproduce this issue:

    1. Setup LXD on a system with apparmor enabled
    2. Install busybox and replace gzip with a symlink to that
    3. lxc launch an image in .tar.gz format

    If you can't find an image in .tar.gz format you might get the same result by turning unsquashfs into a symlink to another binary.

    Possible solution

    similar to https://github.com/stgraber/lxd/commit/4942a108f6f4822a91bc8ffe1e5ae07677b6c6c8 we might need to resolve the binary path when adding it do the apparmor profile. For security it's important to verify argv[0] though so you can't just run any busybox command. I hope that apparmor allows you to do that.

    Bug Easy 
    opened by M1cha 1
  • Inefficient use of prepared statements in DB generator

    Inefficient use of prepared statements in DB generator

    The DB generator uses a function called prepare(tx *sql.Tx, sql string) (*sql.Stmt, error) for running some adhoc queries.

    This is inefficient as the query is prepared each time the function is called, resulting in additional back and forth between LXD and the database layer. In clustered setups this can be over the network, amplifying the inefficiency.

    The affected functions are:

    • GetConfig
    • CreateConfig
    • DeleteConfig
    • GetDevices
    • CreateDevices
    • DeleteDevices

    We should change this to either:

    • A) Create prepared statements on DB connect rather than on every function call.
    • B) Use a single adhoc query execution and not use prepared statements.

    The end result being that the prepare function can be removed to avoid any regression in the future.

    Bug 
    opened by tomponline 0
  • [Proposal] Implement VGA console for container instances

    [Proposal] Implement VGA console for container instances

    This is an attempt to implement VGA console type for container instances by using a very simple approach: When lxc console --type=vga is launched for a container instance, it will create a proxy device for a SPICE server listening on the container. That means it is entirely up to the container/image to do most of the heavy lifting, and all this PR does is reuse the existing VM VGA console infrastructure.

    To simplify testing this PR, I've created a script which creates a local image for a Debian MATE desktop using Xorg spiceqxl driver: https://gist.github.com/tarruda/b6886fc7be3c21f2f878ea74e0ea7891. After running the script to create the image, use this to test the VGA display:

    lxc launch debian-mate-desktop-xspice mate --console=vga
    

    I'm not sure if there's a better way to expose the instance's socket, but creating a proxy device on demand was the easiest path I've found. IMO it ended up being more flexible too, since the user can override the proxy device in the instance config.

    opened by tarruda 2
Releases(lxd-5.4)
  • lxd-5.4(Jul 25, 2022)

    Announcement

    https://discuss.linuxcontainers.org/t/lxd-5-4-has-been-released/14683

    What's Changed

    • doc: storage: clarify moving of storage volumes by @ru-fu in https://github.com/lxc/lxd/pull/10602
    • doc: fix version switcher to work for latest by @ru-fu in https://github.com/lxc/lxd/pull/10603
    • lxd/network/openvswitch: Use %s so that delimiting quotes are not escaped. by @markylaing in https://github.com/lxc/lxd/pull/10607
    • Subprocess: Improve errors in ImportProcess by @tomponline in https://github.com/lxc/lxd/pull/10608
    • Tweaks to go-lxc usage by @stgraber in https://github.com/lxc/lxd/pull/10611
    • doc: storage: clarify that most docs are about custom volumes by @ru-fu in https://github.com/lxc/lxd/pull/10606
    • Update lifecycle events by @stgraber in https://github.com/lxc/lxd/pull/10612
    • Enables additional linters via golangci-lint config file. by @markylaing in https://github.com/lxc/lxd/pull/10600
    • doc: add link to YouTube video about image handling by @ru-fu in https://github.com/lxc/lxd/pull/10614
    • lxd/instance/lxc: Don't fail on missing apparmor by @stgraber in https://github.com/lxc/lxd/pull/10616
    • Shell linters and github action by @markylaing in https://github.com/lxc/lxd/pull/10617
    • Network: Load balancer struct prerequisites applied to network forwards by @tomponline in https://github.com/lxc/lxd/pull/10618
    • Tiny lint fixes by @simondeziel in https://github.com/lxc/lxd/pull/10619
    • lxd/network/driver/ovn: Inserts newlines after blocks. by @simondeziel in https://github.com/lxc/lxd/pull/10620
    • workflows: Removes unit tests and reinstates ubuntu client tests. by @markylaing in https://github.com/lxc/lxd/pull/10621
    • lxd/db/generate/lex: Use cases.Title instead of deprecated strings.Title by @markylaing in https://github.com/lxc/lxd/pull/10622
    • Generator: Fix config table error handling. by @masnax in https://github.com/lxc/lxd/pull/10626
    • Fix OVN docs by @ru-fu in https://github.com/lxc/lxd/pull/10629
    • workflows/static-analysis: Download but do not update dependencies. by @markylaing in https://github.com/lxc/lxd/pull/10632
    • Test: Add tests for passing unix character devices as disks into a container by @tomponline in https://github.com/lxc/lxd/pull/10631
    • Fix incorrect error fields in swagger by @stgraber in https://github.com/lxc/lxd/pull/10638
    • lxd/resources: Handle invalid VPD lengths by @stgraber in https://github.com/lxc/lxd/pull/10637
    • Update for current candid by @stgraber in https://github.com/lxc/lxd/pull/10635
    • lxd/instance/qemu: Fix qemuCPU template broken numa section by @tarruda in https://github.com/lxc/lxd/pull/10642
    • Storage: Fix instance root disk volume config overrides leak volume DB record error by @tomponline in https://github.com/lxc/lxd/pull/10641
    • DB: Optimise query pattern for InstanceList by @tomponline in https://github.com/lxc/lxd/pull/10634
    • Network: OVN load balancers by @tomponline in https://github.com/lxc/lxd/pull/10609
    • Don't double TLS connections between LXD and agent by @stgraber in https://github.com/lxc/lxd/pull/10644
    • Instance: Don't wait for update operation to complete when removing disk from running container by @tomponline in https://github.com/lxc/lxd/pull/10647
    • Instance: Revert InstanceList selective config loading optimisation by @tomponline in https://github.com/lxc/lxd/pull/10648
    • Upgrades shellcheck to version 0.8.0 by @markylaing in https://github.com/lxc/lxd/pull/10649
    • doc/instances: add link to NVIDIA video by @ru-fu in https://github.com/lxc/lxd/pull/10653
    • lxd: Replace use of cluster "node" with "member" in user facing text by @tomponline in https://github.com/lxc/lxd/pull/10655
    • doc: add a more complete prometheus.yaml example by @simondeziel in https://github.com/lxc/lxd/pull/10656
    • doc: update storage driver reference by @ru-fu in https://github.com/lxc/lxd/pull/10643
    • Generator: Fixes for external calling by @masnax in https://github.com/lxc/lxd/pull/10658
    • doc: Load balancer fixes by @ru-fu in https://github.com/lxc/lxd/pull/10657
    • lxd/resources: Better handle invalid VPD by @stgraber in https://github.com/lxc/lxd/pull/10663
    • doc: Fix use of setup/set up by @stgraber in https://github.com/lxc/lxd/pull/10665
    • Several fixes to the storage docs by @ru-fu in https://github.com/lxc/lxd/pull/10664
    • Bidirectional vsock interface by @monstermunchkin in https://github.com/lxc/lxd/pull/10610
    • Support volume.* configurations by @presztak in https://github.com/lxc/lxd/pull/10613
    • lxd: Deprecates ceph.osd.force_reuse Ceph storage pool setting by @tomponline in https://github.com/lxc/lxd/pull/10666
    • lxc: Clarify that monitor --log-level can only be used with pretty formatting mode by @tomponline in https://github.com/lxc/lxd/pull/10671
    • Doc: Two additional storage how-tos by @ru-fu in https://github.com/lxc/lxd/pull/10673
    • Storage: Fix ParseFloat warnings when instance on LVM thinpool not running by @tomponline in https://github.com/lxc/lxd/pull/10676
    • doc/storage: move content from FAQ to storage section by @ru-fu in https://github.com/lxc/lxd/pull/10675
    • lxd/resources: Better handle ethtool errors by @stgraber in https://github.com/lxc/lxd/pull/10677
    • lxd/instance/drivers: Handle QEMU I/O errors by @stgraber in https://github.com/lxc/lxd/pull/10678
    • Client: Add 30s HTTP header timeout for image download by @tomponline in https://github.com/lxc/lxd/pull/10681
    • VM: Fix instance reference leak in getMonitorEventHandler by @tomponline in https://github.com/lxc/lxd/pull/10682
    • DB: Make config tables value fields NOT NULL by @tomponline in https://github.com/lxc/lxd/pull/10680
    • doc: Update cloud-init.md with user-data examples by @cricalix in https://github.com/lxc/lxd/pull/10669
    • lxd/instance/drivers: Rename agentReady to agentStarted by @monstermunchkin in https://github.com/lxc/lxd/pull/10683
    • Fix v1 generator code style by @masnax in https://github.com/lxc/lxd/pull/10684
    • DB: Query optimisations by @tomponline in https://github.com/lxc/lxd/pull/10685
    • Don't expose internal structs by @stgraber in https://github.com/lxc/lxd/pull/10686

    New Contributors

    • @cricalix made their first contribution in https://github.com/lxc/lxd/pull/10669

    Full Changelog: https://github.com/lxc/lxd/compare/lxd-5.3...lxd-5.4

    Source code(tar.gz)
    Source code(zip)
    bin.linux.lxc(18.92 MB)
    bin.linux.lxd-migrate(15.96 MB)
    bin.macos.lxc(18.66 MB)
    bin.windows.lxc.exe(19.19 MB)
    lxd-5.4.tar.gz(13.98 MB)
    lxd-5.4.tar.gz.asc(833 bytes)
  • lxd-5.3(Jun 24, 2022)

    Announcement

    https://discuss.linuxcontainers.org/t/lxd-5-3-has-been-released/14439

    What's Changed

    • lxd/resources: Handle ethtool not supported by @stgraber in https://github.com/lxc/lxd/pull/10465
    • Fix issue with image profiles during copy by @stgraber in https://github.com/lxc/lxd/pull/10466
    • Fix bad profile copy handling by @stgraber in https://github.com/lxc/lxd/pull/10467
    • lxd/main_forkfile: Change counting model by @stgraber in https://github.com/lxc/lxd/pull/10469
    • Instance: Convert more qemu config templates by @tarruda in https://github.com/lxc/lxd/pull/10450
    • doc: fix version numbers in the version switcher by @ru-fu in https://github.com/lxc/lxd/pull/10476
    • lxd/instance/lxc: Stop forkfile on restore by @stgraber in https://github.com/lxc/lxd/pull/10477
    • Storage doc by @ru-fu in https://github.com/lxc/lxd/pull/10475
    • Events: Remove frequent Failed closing listener connection error by @tomponline in https://github.com/lxc/lxd/pull/10472
    • Operations: Fixes race conditions on status propery and improves some function names by @tomponline in https://github.com/lxc/lxd/pull/10471
    • Database Refactor: Profiles by @masnax in https://github.com/lxc/lxd/pull/10463
    • Instance: convert qemuCPU plus a few other simple templates by @tarruda in https://github.com/lxc/lxd/pull/10473
    • Storage: Don't close migration socket on error by @tomponline in https://github.com/lxc/lxd/pull/10480
    • doc: update info on how to grow a ZFS pool by @ru-fu in https://github.com/lxc/lxd/pull/10482
    • Instance: Allow 5 minutes for the root disk unmount process by @tomponline in https://github.com/lxc/lxd/pull/10486
    • Instance: convert remaining qemu templates by @tarruda in https://github.com/lxc/lxd/pull/10481
    • Instance: Fix ZFS tests with exclusive lock on refresh by @tomponline in https://github.com/lxc/lxd/pull/10484
    • How to create a storage pool by @ru-fu in https://github.com/lxc/lxd/pull/10485
    • doc: storage: Clarify driver names by @ru-fu in https://github.com/lxc/lxd/pull/10488
    • Instance: Final cleanup after refactoring qemu config building by @tarruda in https://github.com/lxc/lxd/pull/10487
    • lxd/storage/drivers/zfs: Fix VM migration by @monstermunchkin in https://github.com/lxc/lxd/pull/10489
    • Operations: Prevent image related background tasks from running concurrently and stepping on each other by @tomponline in https://github.com/lxc/lxd/pull/10491
    • Events: Consistently close connection on function exit by @tomponline in https://github.com/lxc/lxd/pull/10490
    • Storage: Custom volume migration fixes by @tomponline in https://github.com/lxc/lxd/pull/10493
    • How to add storage volumes by @ru-fu in https://github.com/lxc/lxd/pull/10494
    • Restore unprivileged archive unpack behavior by @stgraber in https://github.com/lxc/lxd/pull/10495
    • doc/howto/ovn: Fix incorrect config syntax by @stgraber in https://github.com/lxc/lxd/pull/10497
    • doc: storage: clarification about sharing of storage volumes by @ru-fu in https://github.com/lxc/lxd/pull/10500
    • Update /1.0/events API description by @stgraber in https://github.com/lxc/lxd/pull/10499
    • lxd/instance/qemu: Support running inside a LXD container by @stgraber in https://github.com/lxc/lxd/pull/10504
    • lxd/operations: Fix crash on nil state by @stgraber in https://github.com/lxc/lxd/pull/10508
    • chore: Set permissions for GitHub actions by @nathannaveen in https://github.com/lxc/lxd/pull/10513
    • Storage: Restore missing instance volume snapshot DB records by @tomponline in https://github.com/lxc/lxd/pull/10516
    • LXD: Move away from accepting revert.Reverter as an argument and instead return revert.Hook for cleanup by @tomponline in https://github.com/lxc/lxd/pull/10502
    • chore: Included githubactions in the dependabot config by @naveensrinivasan in https://github.com/lxc/lxd/pull/10515
    • build(deps): bump actions/labeler from 3 to 4 by @dependabot in https://github.com/lxc/lxd/pull/10518
    • build(deps): bump actions/upload-artifact from 2 to 3 by @dependabot in https://github.com/lxc/lxd/pull/10520
    • build(deps): bump actions/setup-go from 2 to 3 by @dependabot in https://github.com/lxc/lxd/pull/10517
    • build(deps): bump actions/checkout from 2 to 3 by @dependabot in https://github.com/lxc/lxd/pull/10519
    • Tweak Github Actions by @stgraber in https://github.com/lxc/lxd/pull/10521
    • Migration: Improve migration index header negotiation and format by @tomponline in https://github.com/lxc/lxd/pull/10523
    • doc: Update for new myst_parser by @stgraber in https://github.com/lxc/lxd/pull/10527
    • lxd-user: Use getent by @stgraber in https://github.com/lxc/lxd/pull/10528
    • lxd/certificates: Require an address for token issuance by @stgraber in https://github.com/lxc/lxd/pull/10529
    • Fix network forward example in edit by @stgraber in https://github.com/lxc/lxd/pull/10532
    • lxd/instance/qemu: Drop bootIndex from PCI by @stgraber in https://github.com/lxc/lxd/pull/10530
    • lxd/cgroup: Better handle broken CGroupV2 setups by @stgraber in https://github.com/lxc/lxd/pull/10533
    • Handle custom volume refresh properly by @monstermunchkin in https://github.com/lxc/lxd/pull/10510
    • github: Only run dependencies check on PR by @stgraber in https://github.com/lxc/lxd/pull/10535
    • Instance: Allow storage volume config to be migrated by @tomponline in https://github.com/lxc/lxd/pull/10526
    • tests: Skip EDITOR=cat when not a terminal by @stgraber in https://github.com/lxc/lxd/pull/10536
    • doc: fix indentation for commands by @ru-fu in https://github.com/lxc/lxd/pull/10538
    • New raw.qemu.conf config option by @tarruda in https://github.com/lxc/lxd/pull/10512
    • doc/instances: Add section about raw.qemu.conf by @tarruda in https://github.com/lxc/lxd/pull/10539
    • doc: add link to video about network forwards by @ru-fu in https://github.com/lxc/lxd/pull/10544
    • Generator: Handle Devices as a collection by @masnax in https://github.com/lxc/lxd/pull/10541
    • Database: Refactor database actions for Instances by @masnax in https://github.com/lxc/lxd/pull/10542
    • Fix sysinfo boottime by @stgraber in https://github.com/lxc/lxd/pull/10549
    • Database: Refactor db.InstanceSnapshot to cluster.InstanceSnapshot by @masnax in https://github.com/lxc/lxd/pull/10547
    • Database: Refactor db.Image to cluster.Image by @masnax in https://github.com/lxc/lxd/pull/10548
    • Database: Refactor db.Operation to cluster.Operation by @masnax in https://github.com/lxc/lxd/pull/10550
    • Fix incorrect usage on lxc storage volume by @stgraber in https://github.com/lxc/lxd/pull/10555
    • lxd/profiles/utils: Add missing profiles slice check by @masnax in https://github.com/lxc/lxd/pull/10557
    • Storage doc: add howtos by @ru-fu in https://github.com/lxc/lxd/pull/10556
    • Instance: Move most of device lifecycle logic into common driver by @tomponline in https://github.com/lxc/lxd/pull/10551
    • lxd/dns: Add support for SOA (and accept IXFR) by @stgraber in https://github.com/lxc/lxd/pull/10559
    • Enables gosimple linter and fixes lint errors by @markylaing in https://github.com/lxc/lxd/pull/10562
    • Device: Allow copying and snapshot restoring instance snapshots that results in device confict by @tomponline in https://github.com/lxc/lxd/pull/10546
    • Instance: Use the negotiated index migration header version on target by @tomponline in https://github.com/lxc/lxd/pull/10567
    • Fix ACL UsedBy Instance type assertion by @masnax in https://github.com/lxc/lxd/pull/10570
    • Instance: Stop and remove device after non-user requested update validation fails by @tomponline in https://github.com/lxc/lxd/pull/10572
    • lxd/device/disk: Fix ceph creds on custom volumes by @stgraber in https://github.com/lxc/lxd/pull/10574
    • build(deps): bump actions/dependency-review-action from 1 to 2 by @dependabot in https://github.com/lxc/lxd/pull/10577
    • github: Disable dependabot labels by @stgraber in https://github.com/lxc/lxd/pull/10581
    • lxd/network/ovs: Add timeout to nbctl/sbctl by @stgraber in https://github.com/lxc/lxd/pull/10582
    • doc: add link to the YouTube video about network zones by @ru-fu in https://github.com/lxc/lxd/pull/10586
    • shared/logger: Filter event levels for syslog by @stgraber in https://github.com/lxc/lxd/pull/10584
    • Add cephfs.fscache by @stgraber in https://github.com/lxc/lxd/pull/10583
    • lxc: List volumes under used-by by @monstermunchkin in https://github.com/lxc/lxd/pull/10579
    • doc: Rename refquota config key name for use_refquota by @presztak in https://github.com/lxc/lxd/pull/10588
    • doc: storage: I/O limits by @ru-fu in https://github.com/lxc/lxd/pull/10592
    • doc: storage: how to back up storage volumes by @ru-fu in https://github.com/lxc/lxd/pull/10587
    • Adds staticcheck and fixes lint errors by @markylaing in https://github.com/lxc/lxd/pull/10580
    • doc: storage: cleanup of the general storage drivers reference by @ru-fu in https://github.com/lxc/lxd/pull/10593
    • Fixes structcheck, typecheck, unused, varcheck lint errors by @markylaing in https://github.com/lxc/lxd/pull/10594
    • lxd-agent exec bug by @markylaing in https://github.com/lxc/lxd/pull/10597
    • Fix migration between LXD 4.0 and LXD 5.0 by @monstermunchkin in https://github.com/lxc/lxd/pull/10591
    • lxd-generate: Revert to deprecated strings.Title. by @markylaing in https://github.com/lxc/lxd/pull/10598
    • Add some API constants by @stgraber in https://github.com/lxc/lxd/pull/10599

    New Contributors

    • @nathannaveen made their first contribution in https://github.com/lxc/lxd/pull/10513
    • @naveensrinivasan made their first contribution in https://github.com/lxc/lxd/pull/10515
    • @dependabot made their first contribution in https://github.com/lxc/lxd/pull/10518

    Full Changelog: https://github.com/lxc/lxd/compare/lxd-5.2...lxd-5.3

    Source code(tar.gz)
    Source code(zip)
    bin.linux.lxc.linux(18.84 MB)
    bin.linux.lxd-migrate.linux(15.93 MB)
    bin.macos.lxc.mac(18.58 MB)
    bin.windows.lxc.exe(19.13 MB)
    lxd-5.3.tar.gz(13.80 MB)
    lxd-5.3.tar.gz.asc(833 bytes)
  • lxd-5.2(May 28, 2022)

    Announcement

    https://discuss.linuxcontainers.org/t/lxd-5-2-has-been-released/14200

    What's Changed

    • Fix btrfs issue "cannot find parent subvolume" by @monstermunchkin in https://github.com/lxc/lxd/pull/10346
    • lxd/secommp: Fix sysinfo syscall interception on 32 bit platforms by @tomponline in https://github.com/lxc/lxd/pull/10348
    • Client: Add some default timeouts by @tomponline in https://github.com/lxc/lxd/pull/10351
    • lxd/certificates: Check token for trusted admins by @monstermunchkin in https://github.com/lxc/lxd/pull/10352
    • doc: Fix typos by @hnakamur in https://github.com/lxc/lxd/pull/10353
    • server.crt referred to as lxd.crt in the prometheus config file by @pmarini-nc in https://github.com/lxc/lxd/pull/10355
    • Inclusive language by @ru-fu in https://github.com/lxc/lxd/pull/10360
    • github: Re-organize workflows by @stgraber in https://github.com/lxc/lxd/pull/10361
    • Peer routing relationships by @ru-fu in https://github.com/lxc/lxd/pull/10358
    • shared/network: Always return 0 on error by @monstermunchkin in https://github.com/lxc/lxd/pull/10365
    • lxc: Fix instance snapshot deletion by @tomponline in https://github.com/lxc/lxd/pull/10364
    • doc: document how to handle SAN vs target name mismatch in Prometheus sample by @simondeziel in https://github.com/lxc/lxd/pull/10368
    • lxd: Prevent use of instance/snapshot name in instance specific routes by @tomponline in https://github.com/lxc/lxd/pull/10367
    • lxc/list: Don't skip extra info when name filtering by @stgraber in https://github.com/lxc/lxd/pull/10369
    • doc: update firewall configuration documentation by @ru-fu in https://github.com/lxc/lxd/pull/10328
    • doc: rework doc for setting up OVN by @ru-fu in https://github.com/lxc/lxd/pull/10356
    • lxd/certificates: Fix token request validation by @stgraber in https://github.com/lxc/lxd/pull/10375
    • doc: add a Discourse link about simple streams by @ru-fu in https://github.com/lxc/lxd/pull/10378
    • lxc/config_trust: revoke-token requires a name, not a token by @simondeziel in https://github.com/lxc/lxd/pull/10380
    • lxc/config_trust: clarify help for join token creation by @simondeziel in https://github.com/lxc/lxd/pull/10382
    • lxd/project: Fix bad error on invalid instance type by @stgraber in https://github.com/lxc/lxd/pull/10381
    • lxd/request: Export CtxKey type and use for all keys. by @markylaing in https://github.com/lxc/lxd/pull/10384
    • lxd/daemon: Fix LXD crash is failing to start due to already running LXD process by @tomponline in https://github.com/lxc/lxd/pull/10383
    • Storage: Align UnmountVolume in storage drivers by @tomponline in https://github.com/lxc/lxd/pull/10385
    • Storage: Adds ref counting to volume snapshot mount/unmount by @tomponline in https://github.com/lxc/lxd/pull/10325
    • lxc/config: no name shown when editing the instance's config by @simondeziel in https://github.com/lxc/lxd/pull/10390
    • expose PCI VPD info in resources by @albertodonato in https://github.com/lxc/lxd/pull/10387
    • Network: Pass --wait=sb when using ovn-nbctl for OVN networks by @tomponline in https://github.com/lxc/lxd/pull/10393
    • golangci-lint github action: deadcode by @markylaing in https://github.com/lxc/lxd/pull/10394
    • lxc/config: Add more examples by @stgraber in https://github.com/lxc/lxd/pull/10405
    • lxd/resources: Handle negative CPU indexes by @stgraber in https://github.com/lxc/lxd/pull/10403
    • Fixed small typo. (issue #10409) by @erik78se in https://github.com/lxc/lxd/pull/10410
    • Client: Increase header timeout from 30s to 1 hour by @tomponline in https://github.com/lxc/lxd/pull/10407
    • Storage: Restore instance snapshot volume config and description by @tomponline in https://github.com/lxc/lxd/pull/10398
    • Instance: Regenerate running VM NVRAM on next start if profile security.secureboot setting is changed by @tomponline in https://github.com/lxc/lxd/pull/10400
    • lxc/config_trust: Fix single argument trust remove by @stgraber in https://github.com/lxc/lxd/pull/10406
    • lxc/profile: Add cross-project copy by @stgraber in https://github.com/lxc/lxd/pull/10404
    • Use server-side filtering for CLI list commands by @presztak in https://github.com/lxc/lxd/pull/10140
    • Storage: Populate snapshot volume info in instance backup.yaml file and use it when restoring by @tomponline in https://github.com/lxc/lxd/pull/10402
    • Instance: Show non-editable fields in lxc config edit screen without expanded config by @tomponline in https://github.com/lxc/lxd/pull/10397
    • lxd/resources: Handle unreadable VPD by @stgraber in https://github.com/lxc/lxd/pull/10413
    • lxd/instance: Fix auto-snapshot on restricted projects by @stgraber in https://github.com/lxc/lxd/pull/10415
    • Fix cpu and memory state for VMs by @monstermunchkin in https://github.com/lxc/lxd/pull/10414
    • Use QEMU rbd driver for VMs by @monstermunchkin in https://github.com/lxc/lxd/pull/10308
    • lxd/instance/qemu: Fix ceph username key by @stgraber in https://github.com/lxc/lxd/pull/10418
    • doc: add link to YouTube video for network ACLs by @ru-fu in https://github.com/lxc/lxd/pull/10421
    • lxd-agent/devlxd: Don't expand format strings by @monstermunchkin in https://github.com/lxc/lxd/pull/10424
    • Storage: Fix copy/move of custom volume snapshot so that its config is used for new volume by @tomponline in https://github.com/lxc/lxd/pull/10420
    • lxd/instance/drivers/qemu: Set conf option in rbd driver by @monstermunchkin in https://github.com/lxc/lxd/pull/10425
    • lxd/instance/drivers/qemu: Fix ceph conf filename by @monstermunchkin in https://github.com/lxc/lxd/pull/10429
    • Storage: Separate generation of backup config struct from writing it by @tomponline in https://github.com/lxc/lxd/pull/10427
    • Storage: Adds additonal error handling by @tomponline in https://github.com/lxc/lxd/pull/10430
    • lxd-generate: Appease errcheck linter in generated files by @markylaing in https://github.com/lxc/lxd/pull/10431
    • tests: Test stateless migration by @monstermunchkin in https://github.com/lxc/lxd/pull/10432
    • Generator: Use join tag for Create stmt primary key by @masnax in https://github.com/lxc/lxd/pull/10433
    • Lint with errcheck by @markylaing in https://github.com/lxc/lxd/pull/10428
    • doc/storage: Add CEPHFS to table by @stgraber in https://github.com/lxc/lxd/pull/10438
    • docs: Typo in ovn docs by @tomponline in https://github.com/lxc/lxd/pull/10439
    • Version switcher by @ru-fu in https://github.com/lxc/lxd/pull/10388
    • Instance: Stop source instance from freezing when using --allow-inconsistent by @markylaing in https://github.com/lxc/lxd/pull/10442
    • Storage: Fix custom volume refresh if volume doesn't exist in target by @tomponline in https://github.com/lxc/lxd/pull/10437
    • Bugfix: allow inconsistent copy for pool and project migrations by @markylaing in https://github.com/lxc/lxd/pull/10443
    • Storage: Add migration index header in order to send full volume and volume snapshot info by @tomponline in https://github.com/lxc/lxd/pull/10423
    • Allow inconsistent not working with refresh on the same storage pool. by @markylaing in https://github.com/lxc/lxd/pull/10447
    • doc: add a link to the YouTube video on BGP by @ru-fu in https://github.com/lxc/lxd/pull/10453
    • lxd/bgp: Enable multihop by @stgraber in https://github.com/lxc/lxd/pull/10451
    • doc: move storage content to different files by @ru-fu in https://github.com/lxc/lxd/pull/10452
    • Instance: Refactor config generation (qemuBase) by @tarruda in https://github.com/lxc/lxd/pull/10445
    • lxd/apparmor: Add mknod cap to archive by @stgraber in https://github.com/lxc/lxd/pull/10454
    • lxd/instance/qemu: Fix some variable names to match code style by @tarruda in https://github.com/lxc/lxd/pull/10455
    • Quick fixes to storage docs by @ru-fu in https://github.com/lxc/lxd/pull/10458
    • Optimize snapshot expiry by @stgraber in https://github.com/lxc/lxd/pull/10460
    • lxd/network: Disable IPv6 on bridges with no IPv6 address by @stgraber in https://github.com/lxc/lxd/pull/10459
    • cloud-init notification API by @monstermunchkin in https://github.com/lxc/lxd/pull/10359
    • Database performance fixes by @stgraber in https://github.com/lxc/lxd/pull/10457
    • Optimize automatic custom volume snapshots by @stgraber in https://github.com/lxc/lxd/pull/10461

    New Contributors

    • @pmarini-nc made their first contribution in https://github.com/lxc/lxd/pull/10355
    • @erik78se made their first contribution in https://github.com/lxc/lxd/pull/10410
    • @tarruda made their first contribution in https://github.com/lxc/lxd/pull/10445

    Full Changelog: https://github.com/lxc/lxd/compare/lxd-5.1...lxd-5.2

    Source code(tar.gz)
    Source code(zip)
    lxd-5.2.tar.gz(17.34 MB)
    lxd-5.2.tar.gz.asc(833 bytes)
  • lxd-5.1(Apr 28, 2022)

    Announcement

    https://discuss.linuxcontainers.org/t/lxd-5-1-has-been-released/13956

    What's Changed

    • lxd/instance/qemu: Fix bad topoext logic by @stgraber in https://github.com/lxc/lxd/pull/10168
    • lxd/storage/btrfs: Fix usage nested by @stgraber in https://github.com/lxc/lxd/pull/10167
    • Networking docs restructure by @ru-fu in https://github.com/lxc/lxd/pull/10139
    • lxd/instance/drivers/qemu: Add serial key to device by @monstermunchkin in https://github.com/lxc/lxd/pull/10173
    • Add/remove cluster role commands by @markylaing in https://github.com/lxc/lxd/pull/10172
    • Move SplitNTrimSpace to shared by @stgraber in https://github.com/lxc/lxd/pull/10174
    • Fix typo in notes by @745150400 in https://github.com/lxc/lxd/pull/10170
    • Storage: Move validation into storage package by @tomponline in https://github.com/lxc/lxd/pull/10169
    • lxd/cluster: Don't overwrite original volatile.evacuate.origin by @stgraber in https://github.com/lxc/lxd/pull/10176
    • Database Refactor Part 1: Decouple Certificates from their Projects. by @masnax in https://github.com/lxc/lxd/pull/10031
    • Image: Prevent concurrent delete race by @tomponline in https://github.com/lxc/lxd/pull/10179
    • DB: Update generator to use api.StatusErrorf(http.StatusNotFound) by @tomponline in https://github.com/lxc/lxd/pull/10178
    • Storage volume total size and used in a single query by @presztak in https://github.com/lxc/lxd/pull/10171
    • doc/rest-api: Refresh swagger YAML by @stgraber in https://github.com/lxc/lxd/pull/10180
    • lxd/util/net: Assign default port if no port given by @masnax in https://github.com/lxc/lxd/pull/10182
    • lxd/instance/qemu: Allow using external firmware or kernel by @stgraber in https://github.com/lxc/lxd/pull/10188
    • doc: move Sphinx extensions to a separate repo by @ru-fu in https://github.com/lxc/lxd/pull/10150
    • lxd/instance/qemu: Tweak warning on -bios/-kernel by @stgraber in https://github.com/lxc/lxd/pull/10193
    • Storage: Use TryUnmount without MNT_DETACH in DiskMountClear by @tomponline in https://github.com/lxc/lxd/pull/10185
    • lxd/instance: Fix RuntimeLiblxcVersionAtLeast to handle ~ by @stgraber in https://github.com/lxc/lxd/pull/10197
    • shared: allow EOPNOTSUPP from llistxattr() by @tych0 in https://github.com/lxc/lxd/pull/10198
    • Lxd 100 network bgp by @ru-fu in https://github.com/lxc/lxd/pull/10190
    • VM: Fix disk hotplugging issues by @tomponline in https://github.com/lxc/lxd/pull/10202
    • lxd/storage/drivers/btrfs: Fix optimized refresh by @monstermunchkin in https://github.com/lxc/lxd/pull/10192
    • Miscellaneous fixes by @monstermunchkin in https://github.com/lxc/lxd/pull/10204
    • Introduction operationlock around Update by @stgraber in https://github.com/lxc/lxd/pull/10203
    • Misc by @simondeziel in https://github.com/lxc/lxd/pull/10206
    • lxd/storage/drivers/zfs: Close stderr after copy by @monstermunchkin in https://github.com/lxc/lxd/pull/10211
    • Backup: Default to container instance type if not specified in backup config by @tomponline in https://github.com/lxc/lxd/pull/10209
    • LXD: Replace use of ErrNotFound with api.StatusError with code set to http.StatusNotFound by @tomponline in https://github.com/lxc/lxd/pull/10207
    • Update doc links by @stgraber in https://github.com/lxc/lxd/pull/10214
    • Network types documentation by @ru-fu in https://github.com/lxc/lxd/pull/10201
    • Storage: Updates genericVFSCopyVolume to not copy block volume files twice by @tomponline in https://github.com/lxc/lxd/pull/10213
    • Properly handle nesting a manually built LXD by @stgraber in https://github.com/lxc/lxd/pull/10215
    • lxd/instance/qemu: Avoid conflicting vsock IDs by @stgraber in https://github.com/lxc/lxd/pull/10216
    • Implement HEAD in file API by @stgraber in https://github.com/lxc/lxd/pull/10218
    • Storage: VM copy dir driver peformance improvements by @tomponline in https://github.com/lxc/lxd/pull/10217
    • Error improvements by @tomponline in https://github.com/lxc/lxd/pull/10220
    • test: drop dependency on uuidgen by @simondeziel in https://github.com/lxc/lxd/pull/10226
    • Add global config option instances.nic.host_name by @presztak in https://github.com/lxc/lxd/pull/10212
    • lxc/instance/drivers: Do not update root device pool by @monstermunchkin in https://github.com/lxc/lxd/pull/10224
    • Improve PTY error and prevent volatile key deletion by @stgraber in https://github.com/lxc/lxd/pull/10229
    • Fix format string expansion in devlxd by @stgraber in https://github.com/lxc/lxd/pull/10232
    • lxd/util: Extend tests for CanonicalNetworkAddress by @stgraber in https://github.com/lxc/lxd/pull/10230
    • Set msize for 9p mounts by @stgraber in https://github.com/lxc/lxd/pull/10228
    • Replace forkuserns with Go's native uid/gid map by @stgraber in https://github.com/lxc/lxd/pull/10227
    • doc: make it explicit that automake is needed to build LXD by @simondeziel in https://github.com/lxc/lxd/pull/10235
    • lxd/main_init_interactive: Mention port by @stgraber in https://github.com/lxc/lxd/pull/10237
    • tests: Add test for instances.nic.host_name by @stgraber in https://github.com/lxc/lxd/pull/10239
    • lxd/storage/drivers/zfs: Use -w flag with zfs send if possible by @monstermunchkin in https://github.com/lxc/lxd/pull/10240
    • Comment updates for upcoming godoc/gofmt changes by @stgraber in https://github.com/lxc/lxd/pull/10241
    • Re-enable some clustering unit tests by @stgraber in https://github.com/lxc/lxd/pull/10243
    • lxd/storage/drivers/zfs: send -w is possible since 0.8.0 by @simondeziel in https://github.com/lxc/lxd/pull/10248
    • Migration: Improve errors returned when failing to read control message by @tomponline in https://github.com/lxc/lxd/pull/10245
    • lxd: Switch to using api.StatusErrorCheck where appropriate by @tomponline in https://github.com/lxc/lxd/pull/10247
    • VM: Look for QEMU helpers in /usr/libexec/ by @tomponline in https://github.com/lxc/lxd/pull/10246
    • LXD: Updates ConnectIfInstanceIsRemote to return client preconfigured with instance's project by @tomponline in https://github.com/lxc/lxd/pull/10244
    • lxd-agent: Fix trans= handling by @stgraber in https://github.com/lxc/lxd/pull/10252
    • Show instance driver startup errors by @stgraber in https://github.com/lxc/lxd/pull/10242
    • lxd/device: Increase device name length restriction to 64 chars by @stgraber in https://github.com/lxc/lxd/pull/10251
    • Fix user triggered restart of ephemeral instances by @stgraber in https://github.com/lxc/lxd/pull/10254
    • VM: Use qemu-img convert rather than qemu-img dd and use direct I/O where possible by @tomponline in https://github.com/lxc/lxd/pull/10249
    • Bugfixes by @stgraber in https://github.com/lxc/lxd/pull/10257
    • client: Add GetMetrics by @stgraber in https://github.com/lxc/lxd/pull/10256
    • Cluster: Allow member join when a project has restricted.networks.subnets by @tomponline in https://github.com/lxc/lxd/pull/10259
    • Database Refactor: Remove UsedBy/Config from Projects by @masnax in https://github.com/lxc/lxd/pull/10225
    • VM: Fix stateful snapshot with QEMU >= 6.2 by @tomponline in https://github.com/lxc/lxd/pull/10262
    • Switch QEMU text console to socket by @stgraber in https://github.com/lxc/lxd/pull/10264
    • lxd/apparmor: Treat ramfs the same as tmpfs by @simondeziel in https://github.com/lxc/lxd/pull/10268
    • Network: Mark sriov network as available on successful start by @tomponline in https://github.com/lxc/lxd/pull/10273
    • LXD: Ensure that encoded URL segment variables are not considered for route matching by @tomponline in https://github.com/lxc/lxd/pull/10276
    • VM: Only attempt to open NVRAM file on UEFI architectures by @tomponline in https://github.com/lxc/lxd/pull/10277
    • Cluster: Separate, smaller timeout for client leader request by @MathieuBordere in https://github.com/lxc/lxd/pull/10284
    • Instance: Ensure that devices are added and removed in the correct order by @tomponline in https://github.com/lxc/lxd/pull/10285
    • lxd/storage/drivers/zfs: Fix optimized refresh in migration by @monstermunchkin in https://github.com/lxc/lxd/pull/10234
    • Network: Improve network zone name validation by @tomponline in https://github.com/lxc/lxd/pull/10280
    • Add a --profile option to lxc image copy by @presztak in https://github.com/lxc/lxd/pull/10269
    • Storage: Attempt to unmount volume if even mount task fails by @tomponline in https://github.com/lxc/lxd/pull/10289
    • Lower log level of "Detected poll(POLLNVAL) event" message by @simondeziel in https://github.com/lxc/lxd/pull/10292
    • Fix cluster join cert name issue by @stgraber in https://github.com/lxc/lxd/pull/10290
    • test: restore "set -x" at the end of respawn_lxd() by @simondeziel in https://github.com/lxc/lxd/pull/10295
    • test: avoid unbound var if cleanup() is called early on by @simondeziel in https://github.com/lxc/lxd/pull/10297
    • lxd/instance/qemu: Don't timeout during migration by @stgraber in https://github.com/lxc/lxd/pull/10294
    • lxc/utils: Fix bad error string by @stgraber in https://github.com/lxc/lxd/pull/10293
    • lxd/sys: Fix vsockID detection by @stgraber in https://github.com/lxc/lxd/pull/10301
    • Storage: Fix restoring non-thin LVM block volumes by @tomponline in https://github.com/lxc/lxd/pull/10299
    • lxd/storage: Allow parallel writes in qemu-img by @stgraber in https://github.com/lxc/lxd/pull/10303
    • Improve ceph.conf parser by @stgraber in https://github.com/lxc/lxd/pull/10304
    • Database: Package-based Tx functions and unified DB by @masnax in https://github.com/lxc/lxd/pull/10296
    • LXD: Removes TransactionCTX function and updates Transaction function to accept context by @tomponline in https://github.com/lxc/lxd/pull/10305
    • Sql dump schema table by @markylaing in https://github.com/lxc/lxd/pull/10298
    • Recursive rlock shutdown by @MathieuBordere in https://github.com/lxc/lxd/pull/10306
    • Sql dump all entities by @markylaing in https://github.com/lxc/lxd/pull/10310
    • Cosmetic fixes for test by @simondeziel in https://github.com/lxc/lxd/pull/10311
    • Replace 20.04/Focal Fossa by 22.04/Jammy Jellyfish by @simondeziel in https://github.com/lxc/lxd/pull/10307
    • Moves swagger response definitions to response package. by @markylaing in https://github.com/lxc/lxd/pull/10313
    • More generator flags by @masnax in https://github.com/lxc/lxd/pull/10315
    • shared/cert: Adds method for returning the public key as an x509 cert. by @markylaing in https://github.com/lxc/lxd/pull/10316
    • DB: Returns a status error on create if entry already exists by @markylaing in https://github.com/lxc/lxd/pull/10317
    • DB: Error status not found if "delete one" affects zero rows. by @markylaing in https://github.com/lxc/lxd/pull/10319
    • Doc: integrate with systemd-resolved by @ru-fu in https://github.com/lxc/lxd/pull/10318
    • Seccomp: Add syscall interception for sysinfo by @tomponline in https://github.com/lxc/lxd/pull/10283
    • lxd/project: Allow sysinfo intercept by @stgraber in https://github.com/lxc/lxd/pull/10320
    • lxd/device/disk: Handle long paths in virtiofsd by @monstermunchkin in https://github.com/lxc/lxd/pull/10321
    • gomod: Update github.com/canonical/go-dqlite to v1.11.1 by @tomponline in https://github.com/lxc/lxd/pull/10324
    • lxd/resources: Handle nested devices by @stgraber in https://github.com/lxc/lxd/pull/10327
    • Instance: Fix NIC removal failure on revert by @tomponline in https://github.com/lxc/lxd/pull/10326
    • shared/api: nowadays various types of certs are accepted by @simondeziel in https://github.com/lxc/lxd/pull/10333
    • lxc/file: Fix edit in snap environment by @stgraber in https://github.com/lxc/lxd/pull/10330
    • Allow overriding the cluster evacuation mode by @stgraber in https://github.com/lxc/lxd/pull/10332
    • Storage: Fix copy of running VM snapshot on non-thin LVM pool by @tomponline in https://github.com/lxc/lxd/pull/10331
    • lxc/storage: Show new Total field by @stgraber in https://github.com/lxc/lxd/pull/10334
    • Fix BTRFS optimized refresh by @monstermunchkin in https://github.com/lxc/lxd/pull/10339
    • test: Skip seccomp notify tests if seccomp notify not supported by @tomponline in https://github.com/lxc/lxd/pull/10337
    • doc: mention that ECDSA cert generation requires openssl 1.1.0+ by @simondeziel in https://github.com/lxc/lxd/pull/10342
    • Adds simple wrapper for a cancellable context by @markylaing in https://github.com/lxc/lxd/pull/10341
    • Storage: Fix unpacking image larger than default volume size for non-thin LVM pools by @tomponline in https://github.com/lxc/lxd/pull/10344
    • lxc/delete: Validate instances ahead of time by @stgraber in https://github.com/lxc/lxd/pull/10345

    Full Changelog: https://github.com/lxc/lxd/compare/lxd-5.0.0...lxd-5.1

    Source code(tar.gz)
    Source code(zip)
    lxd-5.1.tar.gz(17.18 MB)
    lxd-5.1.tar.gz.asc(833 bytes)
  • lxd-5.0.0(Apr 4, 2022)

    Announcement

    https://discuss.linuxcontainers.org/t/lxd-5-0-lts-has-been-released/13723

    What's Changed

    • fix typo by @tenforward in https://github.com/lxc/lxd/pull/10032
    • Update description in lxc file mount by @tenforward in https://github.com/lxc/lxd/pull/10033
    • sphinx: Don't pin dependencies by @stgraber in https://github.com/lxc/lxd/pull/10035
    • lxd: Warn if exec control connection disconnects prematurely by @tomponline in https://github.com/lxc/lxd/pull/10037
    • 'lxc storage volume info' returns empty 'EXPIRES AT' values by @presztak in https://github.com/lxc/lxd/pull/10038
    • Cluster: Fix hang during cluster upgrade due to missing event websocket handshake timeout by @tomponline in https://github.com/lxc/lxd/pull/10040
    • Prevent concurent snapshot and snapshot expiry for a volume by @presztak in https://github.com/lxc/lxd/pull/9992
    • Fix SFTP API issues by @stgraber in https://github.com/lxc/lxd/pull/10042
    • Client: Simplify setting request headers from client settings by @tomponline in https://github.com/lxc/lxd/pull/10043
    • Client: Replace httpHost with httpBaseURL to better indicate what it represents by @tomponline in https://github.com/lxc/lxd/pull/10044
    • test: Fix container devices nic bridged filtering tests on recent versions of nftables by @tomponline in https://github.com/lxc/lxd/pull/10045
    • client: Avoid connecting twice in rawSFTPConn by @tomponline in https://github.com/lxc/lxd/pull/10046
    • lxd: Minor improvements to naming, errors and comments related to auto snapshot pruning by @tomponline in https://github.com/lxc/lxd/pull/10047
    • Instance: Create log directory if needed before starting forkfile by @tomponline in https://github.com/lxc/lxd/pull/10048
    • Cluster: Improve logging in triggerUpdate by @tomponline in https://github.com/lxc/lxd/pull/10049
    • Extend lxc network info by @stgraber in https://github.com/lxc/lxd/pull/10050
    • Tests: Add function to wait for duplicate address detection by @markylaing in https://github.com/lxc/lxd/pull/10054
    • doc: restrict docutils version to fix parsing of notes by @ru-fu in https://github.com/lxc/lxd/pull/10055
    • lxc/file: Use random auth creds if no-auth and auth-user flags not specified by @tomponline in https://github.com/lxc/lxd/pull/10051
    • BGP fixes by @stgraber in https://github.com/lxc/lxd/pull/10058
    • Youtube links by @ru-fu in https://github.com/lxc/lxd/pull/10059
    • VM: Only enable io_uring support on kernels >= 5.13.0 by @tomponline in https://github.com/lxc/lxd/pull/10064
    • lxd/cgroup/abstractions: Wrap parse errors to give context of problematic value by @tomponline in https://github.com/lxc/lxd/pull/10065
    • Storage: Prevent white space in storage pool names by @tomponline in https://github.com/lxc/lxd/pull/10066
    • Youtube links by @ru-fu in https://github.com/lxc/lxd/pull/10067
    • lxd/instance/lxc: Handle long forkfile socket paths by @stgraber in https://github.com/lxc/lxd/pull/10070
    • lxd/cluster: Don't mask lack of cluster response by @stgraber in https://github.com/lxc/lxd/pull/10071
    • HTTP: Ensure Connection: Upgrade header is returned when LXD upgrades a connection by @tomponline in https://github.com/lxc/lxd/pull/10076
    • Allow ipv{4,6} routes when using bridged security.ipv{4,6}_filtering by @markylaing in https://github.com/lxc/lxd/pull/9953
    • Device: Adds concept of a pre-start check to devices and pushes storage pool availability check into disk device by @tomponline in https://github.com/lxc/lxd/pull/10082
    • Add --target-project to lxc image copy by @presztak in https://github.com/lxc/lxd/pull/10068
    • UUID based cloud-init instance-id by @stgraber in https://github.com/lxc/lxd/pull/10069
    • LXD: Switch to transitional IsNotFoundError() helper function by @tomponline in https://github.com/lxc/lxd/pull/10086
    • Instance: Run all device pre-start checks before starting any device by @tomponline in https://github.com/lxc/lxd/pull/10072
    • lxc/utils/table: add compact table by @745150400 in https://github.com/lxc/lxd/pull/10084
    • shared/util/linux: only complain on xattr size increase by @adilger in https://github.com/lxc/lxd/pull/10090
    • Network: Degraded startup by @tomponline in https://github.com/lxc/lxd/pull/10056
    • Storage: Replaces bespoke revert with revert package by @tomponline in https://github.com/lxc/lxd/pull/10093
    • Discourse links clean by @ru-fu in https://github.com/lxc/lxd/pull/10074
    • Storage: Add and use VolumeDBDelete helper function by @tomponline in https://github.com/lxc/lxd/pull/10096
    • LXD: Allow disabling shiftfs independently of idmapped mount support by @tomponline in https://github.com/lxc/lxd/pull/10095
    • lxd-agent: cleaner shutdown sequence by @simondeziel in https://github.com/lxc/lxd/pull/10098
    • lxd/network/ovn: Don't use HostPathFollow on OVN configs by @stgraber in https://github.com/lxc/lxd/pull/10097
    • Network: Don't keep trying to start removed degraded networks by @tomponline in https://github.com/lxc/lxd/pull/10100
    • Storage: Update GetPoolByInstance to use instance's StoragePool() function by @tomponline in https://github.com/lxc/lxd/pull/10099
    • Various small fixes by @stgraber in https://github.com/lxc/lxd/pull/10106
    • grafana: Add missing datasource field by @stgraber in https://github.com/lxc/lxd/pull/10104
    • Related links by @ru-fu in https://github.com/lxc/lxd/pull/10108
    • Storage: Update VolumeDBSnapshotsGet for consistency with other functions by @tomponline in https://github.com/lxc/lxd/pull/10110
    • lxd/instance/qemu: Fix regression in cdrom handling by @stgraber in https://github.com/lxc/lxd/pull/10112
    • Use allow inconsistent for cluster migrations by @markylaing in https://github.com/lxc/lxd/pull/10094
    • Disk hotplug for VMs by @monstermunchkin in https://github.com/lxc/lxd/pull/10020
    • Storage: Simplify instance root disk volume config by @tomponline in https://github.com/lxc/lxd/pull/10115
    • doc/authentication: mention ECDSA keys as recommend by @simondeziel in https://github.com/lxc/lxd/pull/10126
    • Operations: Clean up operations on LXD shutdown by @tomponline in https://github.com/lxc/lxd/pull/10123
    • lxd/instance/drivers/qemu: Fix block devices by @monstermunchkin in https://github.com/lxc/lxd/pull/10127
    • lxd/images: Remove old db entry after image refresh by @monstermunchkin in https://github.com/lxc/lxd/pull/10121
    • Update TLS 1.2 ciphersuites by @simondeziel in https://github.com/lxc/lxd/pull/10128
    • Update dependencies ahead of LXD 5.0 by @stgraber in https://github.com/lxc/lxd/pull/10131
    • Fix help message on lxc export by @stgraber in https://github.com/lxc/lxd/pull/10134
    • Storage: Manage instance storage volume database records in storage package by @tomponline in https://github.com/lxc/lxd/pull/10109
    • Revert "lxd-agent: cleaner shutdown sequence" by @stgraber in https://github.com/lxc/lxd/pull/10135
    • Introduce OVN chassis role by @stgraber in https://github.com/lxc/lxd/pull/10119
    • shared: Adds generic HasKey by @tomponline in https://github.com/lxc/lxd/pull/10125
    • Make it easier to script token add by @stgraber in https://github.com/lxc/lxd/pull/10138
    • Client: Fix incorrect interpolation of % characters in errors by @tomponline in https://github.com/lxc/lxd/pull/10144
    • Image: Fix image refresh record management by @tomponline in https://github.com/lxc/lxd/pull/10136
    • shared/network: require TLS 1.2+ if LXD_INSECURE_TLS by @simondeziel in https://github.com/lxc/lxd/pull/10147
    • Image: Fix refresh tests by @tomponline in https://github.com/lxc/lxd/pull/10148
    • Storage: Align load functions with network package by @tomponline in https://github.com/lxc/lxd/pull/10146
    • Network zones documentation by @ru-fu in https://github.com/lxc/lxd/pull/10107
    • Support USB hotplugging by @monstermunchkin in https://github.com/lxc/lxd/pull/10075
    • lxd: Drop devPaths logic by @monstermunchkin in https://github.com/lxc/lxd/pull/10155
    • Remove old operations of offline cluster members by @monstermunchkin in https://github.com/lxc/lxd/pull/10145
    • doc: add link to multi-user video by @ru-fu in https://github.com/lxc/lxd/pull/10157
    • Replace interface{} with any by @tomponline in https://github.com/lxc/lxd/pull/10151
    • Add syscall interception for sched_setscheduler by @stgraber in https://github.com/lxc/lxd/pull/10143
    • Optimized refresh by @monstermunchkin in https://github.com/lxc/lxd/pull/9880
    • Remove pre LXD 4.0.0 patches by @tomponline in https://github.com/lxc/lxd/pull/10158
    • Storage: Add option to specify LVM thinpool metadata size and default to automatic sizing by @tomponline in https://github.com/lxc/lxd/pull/10152
    • Replace log15 with logrus by @stgraber in https://github.com/lxc/lxd/pull/10160
    • lxd: make sure we're operating relative to the correct pid namespace by @brauner in https://github.com/lxc/lxd/pull/10161
    • client: add function useCurrentServer instead of "r == source" by @745150400 in https://github.com/lxc/lxd/pull/10156
    • Various fixes by @stgraber in https://github.com/lxc/lxd/pull/10163
    • Remove pre LXD 4.0.0 schema patches by @tomponline in https://github.com/lxc/lxd/pull/10159
    • Pre-5.0 fixes by @stgraber in https://github.com/lxc/lxd/pull/10165

    New Contributors

    • @adilger made their first contribution in https://github.com/lxc/lxd/pull/10090

    Full Changelog: https://github.com/lxc/lxd/compare/lxd-4.24...lxd-5.0.0

    Source code(tar.gz)
    Source code(zip)
    lxd-5.0.0.tar.gz(16.88 MB)
    lxd-5.0.0.tar.gz.asc(833 bytes)
  • lxd-4.24(Mar 14, 2022)

    Announcement

    https://discuss.linuxcontainers.org/t/lxd-4-24-has-been-released/13550

    What's Changed

    • lxd-agent: Fix bad copy/paste by @stgraber in https://github.com/lxc/lxd/pull/9898
    • lxd/daemon: Fix http response error typos by @masnax in https://github.com/lxc/lxd/pull/9899
    • Daemon: Add the trusted cluster member fingerprint to the request context username field by @tomponline in https://github.com/lxc/lxd/pull/9901
    • lxd-migrate: Support certificate tokens by @monstermunchkin in https://github.com/lxc/lxd/pull/9900
    • Events: Replaces isLocal concept with event source by @tomponline in https://github.com/lxc/lxd/pull/9902
    • Events: Replaces listener level server location with server level location by @tomponline in https://github.com/lxc/lxd/pull/9903
    • go.mod: bump github.com/mdlayher/[email protected] by @mdlayher in https://github.com/lxc/lxd/pull/9907
    • lxd/main_init_interactive: Add missing : by @stgraber in https://github.com/lxc/lxd/pull/9911
    • lxc/console: Don't crash on manual disconnect by @stgraber in https://github.com/lxc/lxd/pull/9912
    • doc/metrics: stop tuning job's scrape_interval now that results are c… by @simondeziel in https://github.com/lxc/lxd/pull/9913
    • doc/metrics: don't assume any default scrape_interval value by @simondeziel in https://github.com/lxc/lxd/pull/9914
    • Rework FileResponse by @stgraber in https://github.com/lxc/lxd/pull/9915
    • lxd/response: Rename FileModify to FileModified by @stgraber in https://github.com/lxc/lxd/pull/9916
    • lxd/fsmonitor/drivers: Ignore stale file handle errors. by @markylaing in https://github.com/lxc/lxd/pull/9917
    • Remove state.State dependency from apparmor package by @presztak in https://github.com/lxc/lxd/pull/9920
    • Cluster: Heartbeat improvements by @tomponline in https://github.com/lxc/lxd/pull/9924
    • lxc/config_trust: Support --name flag for tokens by @monstermunchkin in https://github.com/lxc/lxd/pull/9927
    • test: Update clustering membership tests to not expect a specific promotion order of members by @tomponline in https://github.com/lxc/lxd/pull/9929
    • Client: Context improvements by @tomponline in https://github.com/lxc/lxd/pull/9928
    • Storage: Set all ZFS dataset mountpoint settings to legacy by @tomponline in https://github.com/lxc/lxd/pull/9922
    • Fix message typo: entriess to entries, doest to does by @hnakamur in https://github.com/lxc/lxd/pull/9933
    • test: Update cluster rebalance tests to not use member specific role logic by @tomponline in https://github.com/lxc/lxd/pull/9934
    • shared/api/url: Add WithQuery by @masnax in https://github.com/lxc/lxd/pull/9930
    • Cluster: Heartbeat improvement by @tomponline in https://github.com/lxc/lxd/pull/9935
    • lxc/cluster_group: Update long descriptions by @monstermunchkin in https://github.com/lxc/lxd/pull/9939
    • lxd/cgroup: Fix bad cpuset check by @stgraber in https://github.com/lxc/lxd/pull/9938
    • lxd/certificates: Fix token generation over HTTPS by @stgraber in https://github.com/lxc/lxd/pull/9937
    • Improve lxc query support for metrics by @stgraber in https://github.com/lxc/lxd/pull/9936
    • doc/metrics: use secp384r1 curve with SHA384 signature by @simondeziel in https://github.com/lxc/lxd/pull/9943
    • NIC: Various routed fixes and improvements by @tomponline in https://github.com/lxc/lxd/pull/9942
    • NIC: Don't attempt to clear bridged filter rules on stop if filtering is not enabled by @tomponline in https://github.com/lxc/lxd/pull/9945
    • NIC: Adds ipv{n}.neighbor_probe settings to routed NIC by @tomponline in https://github.com/lxc/lxd/pull/9944
    • lxd/instance/qemu: Allow live update of cluster.evacuate by @stgraber in https://github.com/lxc/lxd/pull/9947
    • lxd/certificates: Better handle authentication by @stgraber in https://github.com/lxc/lxd/pull/9948
    • Events: Add event-hub cluster member role by @tomponline in https://github.com/lxc/lxd/pull/9639
    • Restrict device names by @markylaing in https://github.com/lxc/lxd/pull/9946
    • Replace forkfile with Go implementation using SFTP by @stgraber in https://github.com/lxc/lxd/pull/9931
    • Add filesystem.Syncfs by @stgraber in https://github.com/lxc/lxd/pull/9955
    • Refresh instance allow inconsistent by @markylaing in https://github.com/lxc/lxd/pull/9954
    • Shared: Adds IsTrueOrEmpty and IsFalseOrEmpty by @tomponline in https://github.com/lxc/lxd/pull/9949
    • lxd/db/generate: Fix bad loop logic by @stgraber in https://github.com/lxc/lxd/pull/9956
    • lxd/instance/lxc: Use contextual logger in Metrics by @stgraber in https://github.com/lxc/lxd/pull/9958
    • doc: add Open Graph metadata by @ru-fu in https://github.com/lxc/lxd/pull/9959
    • Device: Name validation improvements by @tomponline in https://github.com/lxc/lxd/pull/9960
    • doc: fix Open Graph version by @ru-fu in https://github.com/lxc/lxd/pull/9961
    • Warnings: Fix logic bug in matching entityID in resolve and delete warning functions by @tomponline in https://github.com/lxc/lxd/pull/9963
    • Network: Fix DHCP static allocation bug by @tomponline in https://github.com/lxc/lxd/pull/9962
    • Adds lxd-agent option to apply name and MTU to nic devices by @markylaing in https://github.com/lxc/lxd/pull/9893
    • Add Context option to some DB actions. by @masnax in https://github.com/lxc/lxd/pull/9957
    • doc: fix the footer by @ru-fu in https://github.com/lxc/lxd/pull/9966
    • doc: Fix cert pathing in metrics.md by @vosdev in https://github.com/lxc/lxd/pull/9968
    • VM: Bug fixes and improvements to the lxd-agent NIC settings feature by @tomponline in https://github.com/lxc/lxd/pull/9967
    • Harden calls to image unpackers by @presztak in https://github.com/lxc/lxd/pull/9906
    • lxd/util/sys: Pass liblxc version to RuntimeLiblxcVersionAtLeast by @masnax in https://github.com/lxc/lxd/pull/9969
    • Detect and use io_uring for VMs by @stgraber in https://github.com/lxc/lxd/pull/9973
    • Warnings: Use DB generator for warnings functions by @tomponline in https://github.com/lxc/lxd/pull/9970
    • Image: Fix regressions in image unpack by @tomponline in https://github.com/lxc/lxd/pull/9975
    • VM: Fix VM support detection regression by @tomponline in https://github.com/lxc/lxd/pull/9976
    • lxd/apparmor: Allow rw remount of /run by @stgraber in https://github.com/lxc/lxd/pull/9981
    • Disable io_uring on loop pools by @stgraber in https://github.com/lxc/lxd/pull/9979
    • Add the Grafana dashboard (15726) by @simondeziel in https://github.com/lxc/lxd/pull/9982
    • Shared: Adds tcp package for setting timeouts on TCP connections by @tomponline in https://github.com/lxc/lxd/pull/9983
    • Fix bad help message on storage volume list by @stgraber in https://github.com/lxc/lxd/pull/9984
    • Storage: Degraded startup support for storage-pools by @tomponline in https://github.com/lxc/lxd/pull/9951
    • Warnings: Fix warnings removal on network delete by @tomponline in https://github.com/lxc/lxd/pull/9988
    • lxd/bgp: Fix RemovePrefixByOwner when multiple matches by @stgraber in https://github.com/lxc/lxd/pull/9990
    • Network: Don't refresh BGP prefixes during forward update by @tomponline in https://github.com/lxc/lxd/pull/9989
    • shared: Update ExtractConn to detect net.TCPConn by @tomponline in https://github.com/lxc/lxd/pull/9986
    • Wrap errors correctly and drop github.com/pkg/errors by @monstermunchkin in https://github.com/lxc/lxd/pull/9987
    • Instance: Add mount support via SFTP by @tomponline in https://github.com/lxc/lxd/pull/9985
    • VM: Disable io_uring support on loop backed pools by @tomponline in https://github.com/lxc/lxd/pull/9991
    • Improve network ACLs documentation by @ru-fu in https://github.com/lxc/lxd/pull/9993
    • Improve network forwards documentation by @ru-fu in https://github.com/lxc/lxd/pull/9995
    • VM: Improve secureboot needs to be disabled error by @tomponline in https://github.com/lxc/lxd/pull/9999
    • Device: Detect disk pool VM mount options using single call to os.Stat by @tomponline in https://github.com/lxc/lxd/pull/10001
    • Network: Update OVN LogicalRouterRoutes to support recent versions of ovn by @tomponline in https://github.com/lxc/lxd/pull/10002
    • seccomp: pass a PID FD to process_still_alive by @lephilousophe in https://github.com/lxc/lxd/pull/10003
    • Storage: Try auto starting instances when storage pools become available by @tomponline in https://github.com/lxc/lxd/pull/9994
    • lxc/file: Adds support for setting up local SFTP server for mount command by @tomponline in https://github.com/lxc/lxd/pull/9998
    • Add restricted.containers.interception to projects by @stgraber in https://github.com/lxc/lxd/pull/10008
    • lxd/instance/qemu: Switch TPM mode to CRB by @stgraber in https://github.com/lxc/lxd/pull/10006
    • lxd/apparmor/archive: Expand all paths by @stgraber in https://github.com/lxc/lxd/pull/10004
    • Improve lxc storage volume info by @stgraber in https://github.com/lxc/lxd/pull/10007
    • Allow unauthenticated metrics by @stgraber in https://github.com/lxc/lxd/pull/10005
    • Device: Fix regression for VM disk shares by @tomponline in https://github.com/lxc/lxd/pull/10010
    • LXD: Disable idmapped mounts if LXD_SHIFTFS_DISABLE=true by @tomponline in https://github.com/lxc/lxd/pull/10012
    • Fix live-migration of VMs and quiesce apparmor when using a LXD binary symlink by @stgraber in https://github.com/lxc/lxd/pull/10014
    • Fix disk usage in Grafana dashboard by @simondeziel in https://github.com/lxc/lxd/pull/10015
    • lxd/apparmor: Handle missing paths by @stgraber in https://github.com/lxc/lxd/pull/10017
    • Export sorting helpers. by @masnax in https://github.com/lxc/lxd/pull/10016
    • Add last-modified to file API by @stgraber in https://github.com/lxc/lxd/pull/10018
    • lxd/instance/qemu: Set spawn=allow by @stgraber in https://github.com/lxc/lxd/pull/10019
    • Warnings: Use WarningExists from DB generator by @tomponline in https://github.com/lxc/lxd/pull/10023
    • lxc/file: Adds --listen flag to mount command by @tomponline in https://github.com/lxc/lxd/pull/10021
    • lxd: Adds IdmappedMounts field to OS struct by @tomponline in https://github.com/lxc/lxd/pull/10022
    • lxd/device/nic: Lock concurrent access to networkSRIOVRestoreVF by @tomponline in https://github.com/lxc/lxd/pull/10025
    • Storage: Pass --numeric-owner to backup tar unpack command by @tomponline in https://github.com/lxc/lxd/pull/10027
    • Allow ipv{n}.address=none for bridged NICs on managed networks by @markylaing in https://github.com/lxc/lxd/pull/10026
    • tests: Fix ordering in bridge filtering test by @stgraber in https://github.com/lxc/lxd/pull/10029

    New Contributors

    • @vosdev made their first contribution in https://github.com/lxc/lxd/pull/9968

    Full Changelog: https://github.com/lxc/lxd/compare/lxd-4.23...lxd-4.24

    Source code(tar.gz)
    Source code(zip)
    lxd-4.24.tar.gz(17.12 MB)
    lxd-4.24.tar.gz.asc(833 bytes)
  • lxd-4.23(Feb 12, 2022)

    Announcement

    https://discuss.linuxcontainers.org/t/lxd-4-23-has-been-released/13359

    What's Changed

    • Take extra precautions when calling tar by @simondeziel in https://github.com/lxc/lxd/pull/9791
    • doc: Adds note about newuidmap to machine setup. by @markylaing in https://github.com/lxc/lxd/pull/9793
    • test: Fixes number of expected NAT rules when using xtables driver. by @markylaing in https://github.com/lxc/lxd/pull/9796
    • lxd/projects: Use expanded devices/config when checking for limits by @stgraber in https://github.com/lxc/lxd/pull/9794
    • Bug static ip on multiple bridged nics by @markylaing in https://github.com/lxc/lxd/pull/9790
    • test: Ensure ebtables is legacy when driver is xtables. by @markylaing in https://github.com/lxc/lxd/pull/9795
    • lxc/config/file: allow overriding default remote by env variable by @morphis in https://github.com/lxc/lxd/pull/9792
    • Introduce GetInstanceFull by @stgraber in https://github.com/lxc/lxd/pull/9799
    • Support context.Context in client by @whywaita in https://github.com/lxc/lxd/pull/9785
    • Fix live-migrate during evacuation and restore by @stgraber in https://github.com/lxc/lxd/pull/9801
    • lxd: Refresh all dnsmasq hosts during patch. by @markylaing in https://github.com/lxc/lxd/pull/9802
    • lxd/instance/drivers: Performs disk size check on stateful startup. by @markylaing in https://github.com/lxc/lxd/pull/9797
    • Security docs by @ru-fu in https://github.com/lxc/lxd/pull/9787
    • doc: fix loading of substitutions by @ru-fu in https://github.com/lxc/lxd/pull/9805
    • Growing a loop backed btrfs pool new note by @carlosduelo in https://github.com/lxc/lxd/pull/9804
    • doc: use absolute URL for Swagger by @ru-fu in https://github.com/lxc/lxd/pull/9803
    • Fix regression in volume snapshot sequence by @stgraber in https://github.com/lxc/lxd/pull/9807
    • Root folder files by @ru-fu in https://github.com/lxc/lxd/pull/9808
    • doc: fix broken links by @ru-fu in https://github.com/lxc/lxd/pull/9811
    • Enable VLAN ranges in vlan.tagged by @zakufish in https://github.com/lxc/lxd/pull/9580
    • Adds State function to network interface by @markylaing in https://github.com/lxc/lxd/pull/9817
    • Align ParseNetworkVLANRange with ParseUint32Range by @stgraber in https://github.com/lxc/lxd/pull/9819
    • Fix typos in network zone API/client by @stgraber in https://github.com/lxc/lxd/pull/9821
    • lxd/storage/btrfs: Add volume delete shortcut by @stgraber in https://github.com/lxc/lxd/pull/9820
    • doc: enable automatically generated anchors by @ru-fu in https://github.com/lxc/lxd/pull/9822
    • lxd/db: Fix storage_volumes sequence again by @stgraber in https://github.com/lxc/lxd/pull/9823
    • lxd: Use projectParam function in networkStateGet. by @markylaing in https://github.com/lxc/lxd/pull/9824
    • Report ovn network state by @markylaing in https://github.com/lxc/lxd/pull/9813
    • Port lxd/network to using fmt.Errorf instead of errors.Wrapf by @stgraber in https://github.com/lxc/lxd/pull/9825
    • lxd/instance/lxc: Use absolute rootfs by @stgraber in https://github.com/lxc/lxd/pull/9826
    • Implement server-side API filtering for storage volumes by @presztak in https://github.com/lxc/lxd/pull/9812
    • doc: kernel 5.15+ have sane value for net.core.bpf_jit_limit by @simondeziel in https://github.com/lxc/lxd/pull/9828
    • Addition of image requirements metadata by @cavcrosby in https://github.com/lxc/lxd/pull/9827
    • Add option to not export ZFS pool on shutdown by @presztak in https://github.com/lxc/lxd/pull/9829
    • lxd/instance/qemu: Enable HyperV flags on x86_64 by @stgraber in https://github.com/lxc/lxd/pull/9832
    • Fix test failures on recent kernels by @stgraber in https://github.com/lxc/lxd/pull/9835
    • lxd-agent: Fix bad network metric by @stgraber in https://github.com/lxc/lxd/pull/9836
    • Exportable TLS Authentication. by @masnax in https://github.com/lxc/lxd/pull/9837
    • Fix recent regressions (qemu & db) by @stgraber in https://github.com/lxc/lxd/pull/9841
    • Support for custom DNS records by @stgraber in https://github.com/lxc/lxd/pull/9840
    • ZFS reservation by @weastur in https://github.com/lxc/lxd/pull/9834
    • lxd: Only patch dnsmasq for networks in the db. by @markylaing in https://github.com/lxc/lxd/pull/9844
    • Add doc readme by @ru-fu in https://github.com/lxc/lxd/pull/9843
    • Instance migration consistency by @markylaing in https://github.com/lxc/lxd/pull/9833
    • lxc exec fixes by @stgraber in https://github.com/lxc/lxd/pull/9845
    • lxd/storage/drivers: Fixes reverter usage. by @markylaing in https://github.com/lxc/lxd/pull/9847
    • Fix forkdns issues by @stgraber in https://github.com/lxc/lxd/pull/9849
    • Add ability to retrieve ACL logs (OVN) by @stgraber in https://github.com/lxc/lxd/pull/9850
    • Option to configure the ZFS block size on volumes by @presztak in https://github.com/lxc/lxd/pull/9848
    • doc: quick cleanup of FAQ by @ru-fu in https://github.com/lxc/lxd/pull/9857
    • Fix bad CPU metrics by @stgraber in https://github.com/lxc/lxd/pull/9859
    • lxd/db: Refactor storage pool used by to get info on all nodes. by @markylaing in https://github.com/lxc/lxd/pull/9858
    • Clarify multiple gpu device passthrough by @markylaing in https://github.com/lxc/lxd/pull/9864
    • Improve doc/metrics by @simondeziel in https://github.com/lxc/lxd/pull/9865
    • Discard TLS errors caused by early connect termination for trusted proxies. by @markylaing in https://github.com/lxc/lxd/pull/9860
    • Varied small fixes by @stgraber in https://github.com/lxc/lxd/pull/9866
    • go.mod: use github.com/mdlayher/[email protected] by @mdlayher in https://github.com/lxc/lxd/pull/9869
    • lxd/instance/metrics: Fix incorrect memory metrics by @stgraber in https://github.com/lxc/lxd/pull/9870
    • Micro optimizations for metrics by @simondeziel in https://github.com/lxc/lxd/pull/9871
    • Generator: Add 'order' tag to generator by @masnax in https://github.com/lxc/lxd/pull/9872
    • More metrics fixes by @stgraber in https://github.com/lxc/lxd/pull/9874
    • Add @never cron pattern by @stgraber in https://github.com/lxc/lxd/pull/9873
    • Exec: Add channel closed check before writing in ExecReaderToChannel by @tomponline in https://github.com/lxc/lxd/pull/9877
    • doc/instances: Fix bridged NIC ipv{n}.address docs indicating none is valid value by @tomponline in https://github.com/lxc/lxd/pull/9879
    • NIC: Don't attempt to configure IPv6 reverse path filter on routed NIC if IPv6 not enabled by @tomponline in https://github.com/lxc/lxd/pull/9876
    • lxd/metrics: add EOL marker by @simondeziel in https://github.com/lxc/lxd/pull/9882
    • Rework metrics caching and filtering by @stgraber in https://github.com/lxc/lxd/pull/9883
    • Varied fixes (console, certificate, trust store) by @stgraber in https://github.com/lxc/lxd/pull/9884
    • Download doc assets by @ru-fu in https://github.com/lxc/lxd/pull/9886
    • Instance: Optimise DB queries during instance creation by @tomponline in https://github.com/lxc/lxd/pull/9887
    • Token based remote connection by @monstermunchkin in https://github.com/lxc/lxd/pull/9816
    • lxc: Translate all errors by @stgraber in https://github.com/lxc/lxd/pull/9889
    • doc: fix path to image in the header by @ru-fu in https://github.com/lxc/lxd/pull/9890
    • lxd/db: Uses api.URL to build used-by urls for storage pools. by @markylaing in https://github.com/lxc/lxd/pull/9888
    • Cluster: Fix non-leader transaction errors when leader shuts down cleanly by @tomponline in https://github.com/lxc/lxd/pull/9891
    • Assorted fixes ahead of 4.23 by @stgraber in https://github.com/lxc/lxd/pull/9895
    • lxc/console: Rework concurency model for vga by @stgraber in https://github.com/lxc/lxd/pull/9896
    • github: Update for current min Go version (1.16) by @stgraber in https://github.com/lxc/lxd/pull/9897
    • VM: Check lxd-agent is running (via QEMU status ringbuffer) before attempting to connect by @tomponline in https://github.com/lxc/lxd/pull/9894
    • Unified migration tool lxd-migrate by @monstermunchkin in https://github.com/lxc/lxd/pull/9784

    New Contributors

    • @whywaita made their first contribution in https://github.com/lxc/lxd/pull/9785
    • @carlosduelo made their first contribution in https://github.com/lxc/lxd/pull/9804
    • @weastur made their first contribution in https://github.com/lxc/lxd/pull/9834

    Full Changelog: https://github.com/lxc/lxd/compare/lxd-4.22...lxd-4.23

    Source code(tar.gz)
    Source code(zip)
    lxd-4.23.tar.gz(16.79 MB)
    lxd-4.23.tar.gz.asc(833 bytes)
  • lxd-4.0.9(Feb 3, 2022)

  • lxd-4.22(Jan 15, 2022)

    Announcement

    https://discuss.linuxcontainers.org/t/lxd-4-22-has-been-released/13137

    What's Changed

    • tests: Bump pg_num to 16 by @stgraber in https://github.com/lxc/lxd/pull/9661
    • test: Add 1s between running non-interactive exec and checking for exit status in operation by @tomponline in https://github.com/lxc/lxd/pull/9668
    • Events: Make Connect use an event driven wait approach for waiting until the event stream is connected by @tomponline in https://github.com/lxc/lxd/pull/9663
    • Cluster: Move notifyNodesUpdate call out of transaction in Join by @tomponline in https://github.com/lxc/lxd/pull/9670
    • lxc/list: Better handle --all-projects by @stgraber in https://github.com/lxc/lxd/pull/9672
    • Fix incorrect type of ceph.rbd.clone_copy in docs by @liamnickell in https://github.com/lxc/lxd/pull/9676
    • lxd/cluster: Update not clustered error by @stgraber in https://github.com/lxc/lxd/pull/9675
    • lxd/cluster: Handle lack of available target in evacuation by @stgraber in https://github.com/lxc/lxd/pull/9677
    • fuidshift: Remove accidental binary build by @stgraber in https://github.com/lxc/lxd/pull/9681
    • NIC: Enable IP forwarding on routed NIC veth host_name interface by @tomponline in https://github.com/lxc/lxd/pull/9682
    • Cluster: Remove panic in UpgradeMembersWithoutRole by @tomponline in https://github.com/lxc/lxd/pull/9683
    • gitignore: Ignore potential binaries by @stgraber in https://github.com/lxc/lxd/pull/9685
    • lxc/utils: Make byName sort all columns by @stgraber in https://github.com/lxc/lxd/pull/9687
    • NIC: Don't depend on existance of dnsmasq.pid file to write static DHCP allocation file by @tomponline in https://github.com/lxc/lxd/pull/9686
    • Generator: Use api.NewURL for URL generation by @masnax in https://github.com/lxc/lxd/pull/9618
    • Fix cluster group handling on instance creation by @stgraber in https://github.com/lxc/lxd/pull/9689
    • lxd/db/instance/profiles: Add missing error to stmt.Exec by @masnax in https://github.com/lxc/lxd/pull/9690
    • Cluster: Only take clusterMembershipMutex on leader by @tomponline in https://github.com/lxc/lxd/pull/9691
    • doc: use customized Furo theme by @ru-fu in https://github.com/lxc/lxd/pull/9671
    • API get Instance with more in-depth information by @presztak in https://github.com/lxc/lxd/pull/9662
    • lxd/db/cluster: Removes unused database views. by @markylaing in https://github.com/lxc/lxd/pull/9692
    • Cluster: Heartbeat system rework to allow for full-state member change notifications by @tomponline in https://github.com/lxc/lxd/pull/9695
    • Add TLS over Unix Socket support by @stgraber in https://github.com/lxc/lxd/pull/9694
    • NIC: Don't add auto gateway when IP family not in use by @tomponline in https://github.com/lxc/lxd/pull/9697
    • Lxc list wrong project names for same name instances by @markylaing in https://github.com/lxc/lxd/pull/9698
    • Disk: Fix support for bind mounting unix sockets as source by opening with O_PATH by @tomponline in https://github.com/lxc/lxd/pull/9700
    • lxd: Uses api.NewURL and sets project when querying other nodes. by @markylaing in https://github.com/lxc/lxd/pull/9702
    • Cluster: Heartbeat and event tweaks by @tomponline in https://github.com/lxc/lxd/pull/9701
    • Clean up index page by @ru-fu in https://github.com/lxc/lxd/pull/9588
    • Update to gobgp v3 and drop old protobuf by @stgraber in https://github.com/lxc/lxd/pull/9704
    • Agent-less VM metrics by @monstermunchkin in https://github.com/lxc/lxd/pull/9669
    • Makes description columns non-nullable. by @markylaing in https://github.com/lxc/lxd/pull/9684
    • doc: fix link in README by @ru-fu in https://github.com/lxc/lxd/pull/9707
    • Cluster: Logging consistency improvements and removes unnecessary call to EventsUpdateListeners by @tomponline in https://github.com/lxc/lxd/pull/9708
    • Migration: Enable TCP_USER_TIMEOUT and TCP keep alives on migration connections by @tomponline in https://github.com/lxc/lxd/pull/9710
    • lxd/images: Don't cleanup unknown images from shared volume by @stgraber in https://github.com/lxc/lxd/pull/9705
    • Cluster: Event listener socket cleanup and logging improvements by @tomponline in https://github.com/lxc/lxd/pull/9715
    • Cluster: If heartbeat context is cancelled during spread sleep then exit quicker by @tomponline in https://github.com/lxc/lxd/pull/9714
    • Checks that the host node is clustered before editing. by @markylaing in https://github.com/lxc/lxd/pull/9709
    • lxc/alias: Allows users to reference specific arguments. by @markylaing in https://github.com/lxc/lxd/pull/9713
    • lxd/cluster/recover: Return separate error if no raft role found by @masnax in https://github.com/lxc/lxd/pull/9717
    • Update minimum requirements by @stgraber in https://github.com/lxc/lxd/pull/9721
    • Fix progress indicator for 'lxc export' by @presztak in https://github.com/lxc/lxd/pull/9720
    • Exec: Don't attempt to send signals to VM lxd-agent process if command has finished by @tomponline in https://github.com/lxc/lxd/pull/9735
    • daemon: fix feature indentation by @brauner in https://github.com/lxc/lxd/pull/9737
    • Add support for UUID selection of NVIDIA MIG devices by @VincentK-Titandc in https://github.com/lxc/lxd/pull/9732
    • lxd/instance/drivers: Specify number of USB ports by @monstermunchkin in https://github.com/lxc/lxd/pull/9743
    • automatically add labels to PRs that contain doc changes by @ru-fu in https://github.com/lxc/lxd/pull/9742
    • Fix broken include by @ru-fu in https://github.com/lxc/lxd/pull/9746
    • Exec: Treat websocket control close message the same as a disconnect by @tomponline in https://github.com/lxc/lxd/pull/9750
    • doc: improve placement of header by @ru-fu in https://github.com/lxc/lxd/pull/9745
    • DB: Handle null ExpiryDate for custom volume snapshots by @tomponline in https://github.com/lxc/lxd/pull/9744
    • Fix lxc storage volume set on snapshots by @stgraber in https://github.com/lxc/lxd/pull/9751
    • lxd/instance: Prevent nvidia.runtime on privileged containers by @stgraber in https://github.com/lxc/lxd/pull/9752
    • shared/usbid: Document reasons to fork by @stgraber in https://github.com/lxc/lxd/pull/9753
    • Fix overriding public property by auto-update by @presztak in https://github.com/lxc/lxd/pull/9740
    • Switch back to upstream log15 by @stgraber in https://github.com/lxc/lxd/pull/9754
    • gmod: Updates go-dqlite by @tomponline in https://github.com/lxc/lxd/pull/9756
    • Small doc fixes by @ru-fu in https://github.com/lxc/lxd/pull/9759
    • Client: Maintain per-project event listeners and connections by @tomponline in https://github.com/lxc/lxd/pull/9760
    • Event: Add Project field to Event and rename group concept to projectName by @tomponline in https://github.com/lxc/lxd/pull/9757
    • github: Add API label to labeler by @stgraber in https://github.com/lxc/lxd/pull/9762
    • FD Leaks by @tomponline in https://github.com/lxc/lxd/pull/9764
    • Events: Add support for listener clients to send events back to server by @tomponline in https://github.com/lxc/lxd/pull/9763
    • lxd/instance/qemu: Always set memory sharing on memory-backend-file by @stgraber in https://github.com/lxc/lxd/pull/9768
    • lxc/exec: Don't send SIGWINCH when non-interactive by @stgraber in https://github.com/lxc/lxd/pull/9771
    • fsmonitor: fixes by @brauner in https://github.com/lxc/lxd/pull/9774
    • Automatically attempt live migration during evacuation by @liamnickell in https://github.com/lxc/lxd/pull/9673
    • Introduce the lxd-user daemon by @stgraber in https://github.com/lxc/lxd/pull/9777
    • lxd-user: use atomic operations by @brauner in https://github.com/lxc/lxd/pull/9779
    • lxd-user: More integration bits by @stgraber in https://github.com/lxc/lxd/pull/9781
    • lxd/db/cluster: Fixes v19 migration for sqlite 3.37. by @markylaing in https://github.com/lxc/lxd/pull/9769
    • lxd/network: Fixes misspelling of interface. by @markylaing in https://github.com/lxc/lxd/pull/9782
    • lxd: ensure file descriptors are closed before starting container by @brauner in https://github.com/lxc/lxd/pull/9778
    • Allow inconsistent rsync copies with flag by @markylaing in https://github.com/lxc/lxd/pull/9780
    • lxd/storage/ceph: Always pass cluster name and id by @stgraber in https://github.com/lxc/lxd/pull/9786
    • doc: only link the Swagger files that we actually need by @ru-fu in https://github.com/lxc/lxd/pull/9788
    • lxd/device: Adds arp check for nic routed device. by @markylaing in https://github.com/lxc/lxd/pull/9758

    New Contributors

    • @VincentK-Titandc made their first contribution in https://github.com/lxc/lxd/pull/9732

    Full Changelog: https://github.com/lxc/lxd/compare/lxd-4.21...lxd-4.22

    Source code(tar.gz)
    Source code(zip)
    lxd-4.22.tar.gz(11.30 MB)
    lxd-4.22.tar.gz.asc(833 bytes)
  • lxd-4.21(Dec 10, 2021)

    Announcement

    https://discuss.linuxcontainers.org/t/lxd-4-21-has-been-released/12860

    What's Changed

    • DB: Support go-dqlite v1.10.1 NULLable fields using sql.NullTime by @tomponline in https://github.com/lxc/lxd/pull/9485
    • Cluster: Fix self-removal of non-leader member from cluster by @tomponline in https://github.com/lxc/lxd/pull/9483
    • API: Prevent update of cluster.https_address in doApi10Update by @tomponline in https://github.com/lxc/lxd/pull/9487
    • Operations: Don't duplicate local operations in operationsGet when running in single member cluster by @tomponline in https://github.com/lxc/lxd/pull/9486
    • Cluster: Join leader address validation improvements by @tomponline in https://github.com/lxc/lxd/pull/9488
    • Doc: fix typo for hardware offload by @hnakamur in https://github.com/lxc/lxd/pull/9490
    • Doc: fix remove non-existent anchor in link to network-peers.md by @hnakamur in https://github.com/lxc/lxd/pull/9491
    • lxd/instances: Use correct project in live migration by @stgraber in https://github.com/lxc/lxd/pull/9502
    • DB: Fix upgrade from LXD 2.0/3.0 when using go-dqlite v1.10.1 NULLable fields by @tomponline in https://github.com/lxc/lxd/pull/9500
    • lxd/device: Clean up mdev vGPU on failure by @monstermunchkin in https://github.com/lxc/lxd/pull/9501
    • Network: Add support for OVN PTMU discovery for external ingress traffic by @tomponline in https://github.com/lxc/lxd/pull/9503
    • VM: fix usb pass-through with more than one device by @zyga in https://github.com/lxc/lxd/pull/9497
    • Switch to original go-udev by @stgraber in https://github.com/lxc/lxd/pull/9505
    • doc: Elaborate on pongo2 date-time syntax for snapshots by @RKBethke in https://github.com/lxc/lxd/pull/9493
    • lxc/list: Changed units to be IEC consistent by @RKBethke in https://github.com/lxc/lxd/pull/9494
    • Switch to go-httprequest by @stgraber in https://github.com/lxc/lxd/pull/9507
    • DB: Always defer close until after statement has returned to avoid panicking on error by @tomponline in https://github.com/lxc/lxd/pull/9514
    • Default profile units by @simondeziel in https://github.com/lxc/lxd/pull/9513
    • Migrate: Only use pointers to migration.MigrationControl to avoid shallow copies by @tomponline in https://github.com/lxc/lxd/pull/9512
    • Storage: Disk mounting cleanup and improvements by @tomponline in https://github.com/lxc/lxd/pull/9510
    • Stricter regexps by @simondeziel in https://github.com/lxc/lxd/pull/9517
    • Container: Fix liblxc handle leak in renderState by @tomponline in https://github.com/lxc/lxd/pull/9520
    • Device: Switch VM disk devices to use opened file descriptors for passing disk sources to QEMU by @tomponline in https://github.com/lxc/lxd/pull/9521
    • Warning entry for missing instance driver by @presztak in https://github.com/lxc/lxd/pull/9522
    • lxd/network/ovn: Support SSL by @stgraber in https://github.com/lxc/lxd/pull/9524
    • Network: Separate IP neighbour and neighbour proxy management functions by @tomponline in https://github.com/lxc/lxd/pull/9527
    • Support trust certificate self renewal by @monstermunchkin in https://github.com/lxc/lxd/pull/9474
    • NIC: Reworks routed NIC to not depend on liblxc's router NIC type by @tomponline in https://github.com/lxc/lxd/pull/9528
    • NIC: Adds routed NIC support for VMs by @tomponline in https://github.com/lxc/lxd/pull/9529
    • doc: Fix misspelling in server.md by @cavcrosby in https://github.com/lxc/lxd/pull/9530
    • Device: Switch to using string slice for mount option handling by @tomponline in https://github.com/lxc/lxd/pull/9532
    • Project: Adds restricted.devices.disk.paths setting by @tomponline in https://github.com/lxc/lxd/pull/9496
    • Support for moving instances and custom volumes between projects by @presztak in https://github.com/lxc/lxd/pull/9509
    • tests: Split cluster and standalone by @stgraber in https://github.com/lxc/lxd/pull/9537
    • lxd: add forkusernsexec() by @brauner in https://github.com/lxc/lxd/pull/9536
    • Project: Separate checking if a project can support snapshots from the project DB lookup by @tomponline in https://github.com/lxc/lxd/pull/9539
    • VM: Use socket file descriptors for virtfs-proxy-helper and virtiofsd by @tomponline in https://github.com/lxc/lxd/pull/9538
    • VM: Close unnecessary file handles for VM disk proxy processes by @tomponline in https://github.com/lxc/lxd/pull/9540
    • forkusernsexec: close file descriptors before exec by @brauner in https://github.com/lxc/lxd/pull/9541
    • forkusernsexec: fixes by @brauner in https://github.com/lxc/lxd/pull/9550
    • util_linux: ensure that O_NOCTTY is raised when opening terminals by @brauner in https://github.com/lxc/lxd/pull/9544
    • Move to cron/v3 by @stgraber in https://github.com/lxc/lxd/pull/9551
    • Project: Validation cleanup by @tomponline in https://github.com/lxc/lxd/pull/9549
    • Support for lxc storage volume {copy,move} --target and --destination-target flag by @RKBethke in https://github.com/lxc/lxd/pull/9534
    • Allow passing context to DownloadFileHash by @monstermunchkin in https://github.com/lxc/lxd/pull/9559
    • VM: Add raw.idmap support for running disk device proxy processes in user namespace by @tomponline in https://github.com/lxc/lxd/pull/9543
    • Simple doc fixes by @ru-fu in https://github.com/lxc/lxd/pull/9562
    • VM: Move readonly config mount out of config directory and into devices directory by @tomponline in https://github.com/lxc/lxd/pull/9565
    • Network: Ensures OVN networks only consider only compatible networks for use as uplink by @tomponline in https://github.com/lxc/lxd/pull/9567
    • Instance: Improve and unify stop and shutdown error handling by @tomponline in https://github.com/lxc/lxd/pull/9563
    • Instance: Reset operation lock timeout when unmounting instance and increase ZFS unmount wait by @tomponline in https://github.com/lxc/lxd/pull/9564
    • First class cloud-init support by @monstermunchkin in https://github.com/lxc/lxd/pull/9515
    • forkusernsexec: use unix.Stderr as standard --keep-fd-up-to value by @brauner in https://github.com/lxc/lxd/pull/9569
    • Network: OVN instance peer route bug fix by @tomponline in https://github.com/lxc/lxd/pull/9570
    • doc: Initial sphinx build by @stgraber in https://github.com/lxc/lxd/pull/9568
    • lxd/device/disk: Support snap packages when opening restricted disk paths by @tomponline in https://github.com/lxc/lxd/pull/9571
    • Generator: Accept sql.NullTime as a valid type in the generator by @masnax in https://github.com/lxc/lxd/pull/9572
    • doc: Fix typo in ToC entry by @stgraber in https://github.com/lxc/lxd/pull/9573
    • NIC: Routed test tweaks by @tomponline in https://github.com/lxc/lxd/pull/9574
    • shared/termios: manually copy termios settings between Go and C by @brauner in https://github.com/lxc/lxd/pull/9581
    • shared/termios: actually copy the values not the index by @brauner in https://github.com/lxc/lxd/pull/9582
    • Shared: Revert recent termios fixes by @tomponline in https://github.com/lxc/lxd/pull/9586
    • Shared: Remove requirement on cgo when setting raw mode by @tomponline in https://github.com/lxc/lxd/pull/9589
    • doc: add a cheat sheet for documentation by @ru-fu in https://github.com/lxc/lxd/pull/9585
    • Instance: Use exitErr.ExitCode function for containers by @tomponline in https://github.com/lxc/lxd/pull/9598
    • Increases recommended subuid and subgid ranges in machine setup. by @markylaing in https://github.com/lxc/lxd/pull/9601
    • lxc/exec: Always connect control websocket by @tomponline in https://github.com/lxc/lxd/pull/9595
    • Instance: Add more exec tests by @tomponline in https://github.com/lxc/lxd/pull/9591
    • Instance: Detect disconnect of non-interactive exec stdout websocket and kill command by @tomponline in https://github.com/lxc/lxd/pull/9594
    • Instance: Rework VM exec to always expect control connection for websocket sessions by @tomponline in https://github.com/lxc/lxd/pull/9597
    • doc: clean up the content on the index page of the documentation by @ru-fu in https://github.com/lxc/lxd/pull/9587
    • doc: css: temporary fixes for theme issues by @ru-fu in https://github.com/lxc/lxd/pull/9603
    • Instance: Fix VM exec pts leak by @tomponline in https://github.com/lxc/lxd/pull/9599
    • Instance: Adds ExitStatus() to properly extract exit status when a command is signaled from interactive session by @tomponline in https://github.com/lxc/lxd/pull/9602
    • Replace bionic with focal by @simondeziel in https://github.com/lxc/lxd/pull/9605
    • doc: add redirect to index.html by @ru-fu in https://github.com/lxc/lxd/pull/9606
    • Shared: Some minor tweaks by @tomponline in https://github.com/lxc/lxd/pull/9607
    • doc: Update Ceph docs with details for erasure coded pools by @AlexandarY in https://github.com/lxc/lxd/pull/9604
    • Instance: Adds non-websocket exec tests by @tomponline in https://github.com/lxc/lxd/pull/9613
    • lxd: log basic idmapped mount support by @brauner in https://github.com/lxc/lxd/pull/9612
    • lxd/device: Improves error message for custom storage volumes when shift is true. by @markylaing in https://github.com/lxc/lxd/pull/9611
    • lxd/device: Fix golint by @stgraber in https://github.com/lxc/lxd/pull/9615
    • Generator: Refactor handling of reference tables. by @masnax in https://github.com/lxc/lxd/pull/9364
    • Add network.nat property to zones by @stgraber in https://github.com/lxc/lxd/pull/9616
    • Instance: Make VM WaitForWS for lxd-agent exec explicit by @tomponline in https://github.com/lxc/lxd/pull/9619
    • Instance: Clear up OVS integration bridge port earlier in stop sequence for OVN NICs by @tomponline in https://github.com/lxc/lxd/pull/9621
    • Added link for installing.md by @dillonsamra9 in https://github.com/lxc/lxd/pull/9624
    • Add cluster member role to indicate the leader by @presztak in https://github.com/lxc/lxd/pull/9609
    • Storage: Enable nodatacow on BTRFS subvolume for block volumes by @tomponline in https://github.com/lxc/lxd/pull/9627
    • Storage: Improve logging during backup unpack by @tomponline in https://github.com/lxc/lxd/pull/9629
    • Storage: Add warning to docs about using VMs on BTRFS storage pools by @tomponline in https://github.com/lxc/lxd/pull/9635
    • doc/storage: fix 2 typos by @simondeziel in https://github.com/lxc/lxd/pull/9637
    • Added --sub-command flag by @dillonsamra9 in https://github.com/lxc/lxd/pull/9634
    • Events: Switch events websocket heartbeat to counter rather than using absolute deadline times by @tomponline in https://github.com/lxc/lxd/pull/9632
    • Storage: Restore VM filesystem size.state quota on backup restore by @tomponline in https://github.com/lxc/lxd/pull/9628
    • Project: Account for disk size.state when checking project limits.disk setting by @tomponline in https://github.com/lxc/lxd/pull/9631
    • lxd/storage: Switch to deviceConfig.DefaultVMBlockFilesystemSize by @monstermunchkin in https://github.com/lxc/lxd/pull/9638
    • Add swagger to doc by @ru-fu in https://github.com/lxc/lxd/pull/9636
    • doc: Clarify btrfs resize documentation by @archevan in https://github.com/lxc/lxd/pull/9640
    • Ability to retrieve instances for all projects through API by @presztak in https://github.com/lxc/lxd/pull/9590
    • Optimise proxy device driver nat rules by @markylaing in https://github.com/lxc/lxd/pull/9633
    • lxc/copy: Replaces profiles when -p is set. by @markylaing in https://github.com/lxc/lxd/pull/9648
    • Cleanup ucred handling, fix cluster permission and more reliable tests by @stgraber in https://github.com/lxc/lxd/pull/9644
    • doc: fix link to rest-api.yaml by @ru-fu in https://github.com/lxc/lxd/pull/9646
    • doc/api-extensions.md: fixed typo in gpu_mig section by @dillonsamra9 in https://github.com/lxc/lxd/pull/9652
    • doc: Reformatted Storage Documentation to Organize Keys by Storage Type by @jeff2814 in https://github.com/lxc/lxd/pull/9626
    • Cluster server grouping by @monstermunchkin in https://github.com/lxc/lxd/pull/9583
    • GetNonPendingNetworkIDs Project Aware by @C-Stout in https://github.com/lxc/lxd/pull/9653
    • lxd/storage: Enable LO_FLAGS_DIRECT_IO by default for loop devices by @archevan in https://github.com/lxc/lxd/pull/9643
    • Cluster: Include endpoint address in dqlite connect errors by @tomponline in https://github.com/lxc/lxd/pull/9655
    • test: Give exec chance to finish before capturing output by @tomponline in https://github.com/lxc/lxd/pull/9654
    • Record net.Conn in request context by @markylaing in https://github.com/lxc/lxd/pull/9658
    • Cluster: Heartbeat ordering by @tomponline in https://github.com/lxc/lxd/pull/9649
    • Add ipv{n}.routes setting for routed NIC type by @hQavi in https://github.com/lxc/lxd/pull/9645
    • Use all-projects parameter in events api by @markylaing in https://github.com/lxc/lxd/pull/9657
    • lxd/device/nic/bridged: Allow ipv{n} filtering when ip is set to none by @hQavi in https://github.com/lxc/lxd/pull/9641
    • Cluster: Make event listener refresh event driven by @tomponline in https://github.com/lxc/lxd/pull/9656
    • lxd/storage: Add a ceph.rbd.du storage option to disable the use of rbd du by @liamnickell in https://github.com/lxc/lxd/pull/9659
    • doc/cluster: Clarify join question handling by @stgraber in https://github.com/lxc/lxd/pull/9660

    New Contributors

    • @zyga made their first contribution in https://github.com/lxc/lxd/pull/9497
    • @RKBethke made their first contribution in https://github.com/lxc/lxd/pull/9493
    • @cavcrosby made their first contribution in https://github.com/lxc/lxd/pull/9530
    • @markylaing made their first contribution in https://github.com/lxc/lxd/pull/9601
    • @AlexandarY made their first contribution in https://github.com/lxc/lxd/pull/9604
    • @dillonsamra9 made their first contribution in https://github.com/lxc/lxd/pull/9624
    • @archevan made their first contribution in https://github.com/lxc/lxd/pull/9640
    • @jeff2814 made their first contribution in https://github.com/lxc/lxd/pull/9626
    • @C-Stout made their first contribution in https://github.com/lxc/lxd/pull/9653
    • @hQavi made their first contribution in https://github.com/lxc/lxd/pull/9645
    • @liamnickell made their first contribution in https://github.com/lxc/lxd/pull/9659

    Full Changelog: https://github.com/lxc/lxd/compare/lxd-4.20...lxd-4.21

    Source code(tar.gz)
    Source code(zip)
    lxd-4.21.tar.gz(15.05 MB)
    lxd-4.21.tar.gz.asc(833 bytes)
  • lxd-4.20(Nov 6, 2021)

    Announcement

    https://discuss.linuxcontainers.org/t/lxd-4-20-has-been-released/12540

    What's Changed

    • lxd/checkfeature: check whether the kernel supports core scheduling by @brauner in https://github.com/lxc/lxd/pull/9319
    • lxd/daemon: Fix crash on lxd start when another lxd already running by @tomponline in https://github.com/lxc/lxd/pull/9320
    • Fix metrics issues by @monstermunchkin in https://github.com/lxc/lxd/pull/9328
    • Instance: Use project and instance name for operation locks by @tomponline in https://github.com/lxc/lxd/pull/9329
    • lxd-agent: Drop aggregated cpu stats in metrics by @monstermunchkin in https://github.com/lxc/lxd/pull/9331
    • test: Kill LXD process if doesn't start in time by @tomponline in https://github.com/lxc/lxd/pull/9332
    • Suggest Ubuntu 20.04 instead of 18.04 by @simondeziel in https://github.com/lxc/lxd/pull/9337
    • lxc: update wording when a cert is successfully trusted by a remote by @simondeziel in https://github.com/lxc/lxd/pull/9338
    • lxd/main/shutdown: Fix shutdown regression when running in snap by @tomponline in https://github.com/lxc/lxd/pull/9334
    • Generator: Insert into certificates_projects table by @masnax in https://github.com/lxc/lxd/pull/9318
    • Instance: Rework instancesOnDisk to load config from backup.yaml if available by @tomponline in https://github.com/lxc/lxd/pull/9330
    • lxd/apparmor: Allow remount using noatime by @simondeziel in https://github.com/lxc/lxd/pull/9341
    • Update protobuf code by @stgraber in https://github.com/lxc/lxd/pull/9339
    • Introduce downstream networks in leases by @stgraber in https://github.com/lxc/lxd/pull/9340
    • Apparmor simplification by @simondeziel in https://github.com/lxc/lxd/pull/9342
    • Instance: Fix image download race condition in instanceCreateFromImage by @tomponline in https://github.com/lxc/lxd/pull/9346
    • Cluster: Error when no leader address found during handover by @tomponline in https://github.com/lxc/lxd/pull/9344
    • Storage: Use normal mount rather than zfs mount for ZFS volumes by @tomponline in https://github.com/lxc/lxd/pull/9349
    • Simpler filters by @simondeziel in https://github.com/lxc/lxd/pull/9350
    • test/suites: Fix cephfs backup tests by @monstermunchkin in https://github.com/lxc/lxd/pull/9343
    • lxd/network: Move Leases to network package by @stgraber in https://github.com/lxc/lxd/pull/9351
    • lxd/instance/lxc: Properly report mapped memory by @stgraber in https://github.com/lxc/lxd/pull/9355
    • Instance: Keep instance operation lock alive whilst waiting for instance to shutdown by @tomponline in https://github.com/lxc/lxd/pull/9345
    • lxd: core scheduling support for virtual machines and container core scheduling even without LXC shared library support by @brauner in https://github.com/lxc/lxd/pull/9352
    • Storage: Set mountpoint=none for ZFS filesystem volumes by @tomponline in https://github.com/lxc/lxd/pull/9353
    • Clustering: Prevent a member that is shutting down from being promoted by @tomponline in https://github.com/lxc/lxd/pull/9296
    • Instance: Fix container restart locking by @tomponline in https://github.com/lxc/lxd/pull/9361
    • Network: Rework network loading functionality by @tomponline in https://github.com/lxc/lxd/pull/9359
    • lxd/network/driver/ovn: Fix comment on getLoadBalancerName by @tomponline in https://github.com/lxc/lxd/pull/9362
    • Clustering: Improve reliablity of remove raft node test by @tomponline in https://github.com/lxc/lxd/pull/9360
    • lxd/network/ovn: Add support for leases by @stgraber in https://github.com/lxc/lxd/pull/9363
    • Backup: Fix regression of VM backup imports by @tomponline in https://github.com/lxc/lxd/pull/9366
    • Network: Rework isInUseByDevice to remove unnecessary DB lookups via NICType by @tomponline in https://github.com/lxc/lxd/pull/9369
    • Network: Rework OVN static route management by @tomponline in https://github.com/lxc/lxd/pull/9368
    • lxd/images: properly return project name in error by @masnax in https://github.com/lxc/lxd/pull/9372
    • Generator: No-op changes for generator refactor by @masnax in https://github.com/lxc/lxd/pull/9373
    • Fix image copy between two remotes when source is not in default project by @presztak in https://github.com/lxc/lxd/pull/9298
    • VM: Use consistent QMP encoding by @tomponline in https://github.com/lxc/lxd/pull/9376
    • VM: Adds workaround for QEMU 6.x regression in handling memory object host-nodes setting by @tomponline in https://github.com/lxc/lxd/pull/9378
    • lxd/device: Make sure vfio-pci is loaded by @stgraber in https://github.com/lxc/lxd/pull/9379
    • Rename lxc cluster remove --quiet to lxc cluster remove --yes by @stgraber in https://github.com/lxc/lxd/pull/9382
    • Add Cluster member configuration by @masnax in https://github.com/lxc/lxd/pull/9380
    • Networks: Fixes getStoragePool to support NULL description fields by @tomponline in https://github.com/lxc/lxd/pull/9386
    • lxd/api/cluster: fix comment on clusterGet clusterPut by @qvjp in https://github.com/lxc/lxd/pull/9388
    • Network: Add OVN router security policy to prevent address spoofing by @tomponline in https://github.com/lxc/lxd/pull/9384
    • lxd: Replace inotify with fsnotify/fanotify by @monstermunchkin in https://github.com/lxc/lxd/pull/9357
    • Network: Fix bridge leases by @tomponline in https://github.com/lxc/lxd/pull/9389
    • Network: OVN network to network routing (peering) by @tomponline in https://github.com/lxc/lxd/pull/9243
    • lxd-p2c: Allow passing existing certificate by @stgraber in https://github.com/lxc/lxd/pull/9391
    • doc: Fixes by @monstermunchkin in https://github.com/lxc/lxd/pull/9392
    • Instance: Renames IsMigratable to CanMigrate by @tomponline in https://github.com/lxc/lxd/pull/9397
    • Instance: Add ability to perform stateful instance pool migration by @tomponline in https://github.com/lxc/lxd/pull/9394
    • lxd: fixes by @brauner in https://github.com/lxc/lxd/pull/9383
    • lxd/fsmonitor/drivers: Add missing FAN_MARK_FILESYSTEM by @monstermunchkin in https://github.com/lxc/lxd/pull/9393
    • Instance: Add ability to perform stateful instance cluster member migration by @tomponline in https://github.com/lxc/lxd/pull/9395
    • Don't autofill cluster config. by @masnax in https://github.com/lxc/lxd/pull/9401
    • DB: Adds 10s timeout to Transaction by @tomponline in https://github.com/lxc/lxd/pull/9404
    • Cluster: Add dqlite proxy timeout and event stream heartbeats by @tomponline in https://github.com/lxc/lxd/pull/9405
    • Add linux.sysctl.* configuration keys by @presztak in https://github.com/lxc/lxd/pull/9402
    • Events: Moves blocking reader into heartbeat function by @tomponline in https://github.com/lxc/lxd/pull/9409
    • NIC: Prevent use of static IPs on bridged NIC connected to unmanaged bridge by @tomponline in https://github.com/lxc/lxd/pull/9406
    • lxd/fsmonitor/drivers: Log warning instead of failing by @monstermunchkin in https://github.com/lxc/lxd/pull/9411
    • Cluster: Replaces dqliteProxy idle timeout with TCP_USER_TIMEOUT by @tomponline in https://github.com/lxc/lxd/pull/9416
    • Retry cluster transactions once if context deadline exceeded by @masnax in https://github.com/lxc/lxd/pull/9412
    • seccomp: Pass the caller TGID to pidfd_open instead of TID by @lephilousophe in https://github.com/lxc/lxd/pull/9422
    • lxd/instance/drivers: Check swap for metrics by @monstermunchkin in https://github.com/lxc/lxd/pull/9427
    • seccomp: verify retrieved fds when by @brauner in https://github.com/lxc/lxd/pull/9428
    • lxd/instance/qemu: Fix host-nodes on multi-node by @stgraber in https://github.com/lxc/lxd/pull/9429
    • Add network zones API and built-in DNS server by @stgraber in https://github.com/lxc/lxd/pull/9371
    • lxd/instance/drivers: Check memory limit for metrics by @monstermunchkin in https://github.com/lxc/lxd/pull/9430
    • Migration: Fix deadlock in websocket control message sending by @tomponline in https://github.com/lxc/lxd/pull/9432
    • VM: Stateful migration to a remote by @tomponline in https://github.com/lxc/lxd/pull/9431
    • VM: Add VM stateful migration support with ceph by @tomponline in https://github.com/lxc/lxd/pull/9436
    • test: Update teardown_clustering_netns to succeed if process has already gone by @tomponline in https://github.com/lxc/lxd/pull/9437
    • NIC: Allow static IP on bridged NIC when using unmanaged bridge with MAAS subnet specified by @tomponline in https://github.com/lxc/lxd/pull/9438
    • NIC: OVN Remove setting accept_ra sysctl unnecessarily as disable_ipv6 is set by @tomponline in https://github.com/lxc/lxd/pull/9441
    • Replace 'which' with 'command -v' by @simondeziel in https://github.com/lxc/lxd/pull/9442
    • lxc: better advertise support for VMs by @simondeziel in https://github.com/lxc/lxd/pull/9443
    • NIC: Split up SR-IOV VF management functions by @tomponline in https://github.com/lxc/lxd/pull/9446
    • NIC: Support hardware accelerated OVS/OVN by @tomponline in https://github.com/lxc/lxd/pull/9445
    • lxd/cluster: Fix forceful stop on restore by @stgraber in https://github.com/lxc/lxd/pull/9448
    • bash-completion: Add restore snapshots by @ulziibuyan in https://github.com/lxc/lxd/pull/9451
    • forkuevent: fixes by @brauner in https://github.com/lxc/lxd/pull/9457
    • Daemon: Fix shutdown panic by @tomponline in https://github.com/lxc/lxd/pull/9454
    • Fixes for VM CPU topology by @stgraber in https://github.com/lxc/lxd/pull/9458
    • lxc import - read from stdin by @presztak in https://github.com/lxc/lxd/pull/9459
    • Remove the last 'which' occurence. by @simondeziel in https://github.com/lxc/lxd/pull/9460
    • cleanup: remove subtest by @hypnoglow in https://github.com/lxc/lxd/pull/9452
    • lxc/file: Don't use HostPath on temp files by @stgraber in https://github.com/lxc/lxd/pull/9461
    • lxd/cluster: Log leader address on failure by @stgraber in https://github.com/lxc/lxd/pull/9463
    • lxd/api/cluster: Sleep for 100ms to allow http.Flush to render by @masnax in https://github.com/lxc/lxd/pull/9468
    • lxd/fsmonitor: Don't crash on Walk errors by @stgraber in https://github.com/lxc/lxd/pull/9470
    • Improve file access operations and add NixOS path by @stgraber in https://github.com/lxc/lxd/pull/9471
    • Container: Release liblxc cache when stopping or shutting down by @tomponline in https://github.com/lxc/lxd/pull/9473
    • Network: Add ACL integration for OVN peer connections by @tomponline in https://github.com/lxc/lxd/pull/9465
    • gomod tweaks by @stgraber in https://github.com/lxc/lxd/pull/9478
    • lxd/storage/ceph: Properly support pre-existing empty pools by @stgraber in https://github.com/lxc/lxd/pull/9482

    New Contributors

    • @lephilousophe made their first contribution in https://github.com/lxc/lxd/pull/9422
    • @hypnoglow made their first contribution in https://github.com/lxc/lxd/pull/9452

    Full Changelog: https://github.com/lxc/lxd/compare/lxd-4.19...lxd-4.20

    Source code(tar.gz)
    Source code(zip)
    lxd-4.20.tar.gz(10.97 MB)
    lxd-4.20.tar.gz.asc(833 bytes)
  • lxd-4.0.8(Oct 26, 2021)

  • lxd-4.19(Oct 1, 2021)

    Announcement

    https://discuss.linuxcontainers.org/t/lxd-4-19-has-been-released/12276

    What's Changed

    • Cluster: More IPv6 listener bug fixes by @tomponline in https://github.com/lxc/lxd/pull/9192
    • doc: Adds network forwards to left hand nav by @tomponline in https://github.com/lxc/lxd/pull/9196
    • doc/server: Fix incorrect default for routerid by @stgraber in https://github.com/lxc/lxd/pull/9198
    • More listener bugfixes by @masnax in https://github.com/lxc/lxd/pull/9199
    • Resolve warnings older than startTime by @monstermunchkin in https://github.com/lxc/lxd/pull/9203
    • lxc: Fix aliases containing @[email protected] by @monstermunchkin in https://github.com/lxc/lxd/pull/9205
    • lxd/storage/driver/zfs: Fix ListVolumes with custom zpool by @stgraber in https://github.com/lxc/lxd/pull/9208
    • Add 'name' to 'raft_nodes' table. by @masnax in https://github.com/lxc/lxd/pull/9209
    • doc/instances: Clarify default CPU/RAM for VMs by @stgraber in https://github.com/lxc/lxd/pull/9212
    • Swagger fixes by @stgraber in https://github.com/lxc/lxd/pull/9211
    • Don't allow instance ipv{n}.address to be same as managed parent network by @masnax in https://github.com/lxc/lxd/pull/9213
    • lxd/networks: Improved IPv6 support for leases by @stgraber in https://github.com/lxc/lxd/pull/9214
    • Network: Exports bridge forward addresses via BGP by @tomponline in https://github.com/lxc/lxd/pull/9216
    • Unmount storage pools on lxd shutdown by @masnax in https://github.com/lxc/lxd/pull/9217
    • don't allow 'limits.memory' to be 0 by @masnax in https://github.com/lxc/lxd/pull/9223
    • Cluster: Fix slow heartbeat response due to multiple remote queries when populating raft node names by @tomponline in https://github.com/lxc/lxd/pull/9222
    • lxd/util: Respect modprobe configuration by @stgraber in https://github.com/lxc/lxd/pull/9224
    • Network: Exports OVN forward addresses via BGP by @tomponline in https://github.com/lxc/lxd/pull/9219
    • Change restrictions check function in CheckClusterTargetRestriction by @presztak in https://github.com/lxc/lxd/pull/9225
    • Extend cgroup abstraction and other preparations for metrics by @monstermunchkin in https://github.com/lxc/lxd/pull/9226
    • OVN: Work around a bug in lr-nat-del in ovn-nbctl in LogicalRouterDNATSNATAdd by @tomponline in https://github.com/lxc/lxd/pull/9230
    • shared/api/network/forward: Fix api extension references by @tomponline in https://github.com/lxc/lxd/pull/9242
    • Network: Use consistent terminology in address forward swagger descriptions by @tomponline in https://github.com/lxc/lxd/pull/9244
    • Storage: Workaround LVM unmount issues by @tomponline in https://github.com/lxc/lxd/pull/9247
    • Cleanup LXD client imports by @stgraber in https://github.com/lxc/lxd/pull/9249
    • Update lxc cluster list to show roles instead of boolean database column by @presztak in https://github.com/lxc/lxd/pull/9251
    • doc: update link to rest-api.yaml by @ru-fu in https://github.com/lxc/lxd/pull/9256
    • Typo by @regnauld in https://github.com/lxc/lxd/pull/9257
    • lxd/device/tpm: Require path only for containers by @monstermunchkin in https://github.com/lxc/lxd/pull/9261
    • Fix some swagger inconsistencies by @stgraber in https://github.com/lxc/lxd/pull/9262
    • Add metrics by @monstermunchkin in https://github.com/lxc/lxd/pull/9086
    • Add missing syscall mappings for riscv64, and fix missing docs by @wgrant in https://github.com/lxc/lxd/pull/9264
    • Storage: Fix LVM unmount pool bug by @tomponline in https://github.com/lxc/lxd/pull/9255
    • Daemon: Shutdown storage fixes by @tomponline in https://github.com/lxc/lxd/pull/9267
    • Fix documented HTTP return code in console POST by @ricab in https://github.com/lxc/lxd/pull/9266
    • doc/rest-api: Add missing entry for 112 (error) by @stgraber in https://github.com/lxc/lxd/pull/9272
    • lxd/instance/drivers: Fix raw.lxc handling for shutdown/stop by @monstermunchkin in https://github.com/lxc/lxd/pull/9270
    • lxd/cgroup: Implement CPU usage for cgroup v2 by @monstermunchkin in https://github.com/lxc/lxd/pull/9279
    • lxd/cgroup: Fix logging in cgroup init by @monstermunchkin in https://github.com/lxc/lxd/pull/9282
    • Storage: Fix filesystem detection to work on 32bit platforms by @tomponline in https://github.com/lxc/lxd/pull/9277
    • Storage: Remove unmount functionality from LVM driver by @tomponline in https://github.com/lxc/lxd/pull/9276
    • Network: Forwards fixes by @tomponline in https://github.com/lxc/lxd/pull/9283
    • lxd: Improves API request/response debug logging by @tomponline in https://github.com/lxc/lxd/pull/9280
    • LXD: Modifes errorResponse.Render function to JSON encode a api.ResponseRaw struct by @tomponline in https://github.com/lxc/lxd/pull/9281
    • Handle VMs in instancesOnDisk by @monstermunchkin in https://github.com/lxc/lxd/pull/9285
    • Network: Add lxc network forward get command by @tomponline in https://github.com/lxc/lxd/pull/9287
    • lxd/util: Handle ':8443' syntax in ListenAddresses by @stgraber in https://github.com/lxc/lxd/pull/9292
    • lxd: Remove public facing errors that mention cluster "node" by @tomponline in https://github.com/lxc/lxd/pull/9294
    • Util: ListenAddresses improvements by @tomponline in https://github.com/lxc/lxd/pull/9293
    • doc/metrics: typo fix by @simondeziel in https://github.com/lxc/lxd/pull/9295
    • API: Adds URL builder and updates network UsedBy to use it by @tomponline in https://github.com/lxc/lxd/pull/9286
    • Create dirs on pull -p by @masnax in https://github.com/lxc/lxd/pull/9290
    • Fix clustering_remove_leader calling dqlite twice by @masnax in https://github.com/lxc/lxd/pull/9297
    • Daemon: Makes /internal/shutdown synchronous by @tomponline in https://github.com/lxc/lxd/pull/9301
    • Fix lxc config trust remove help by @stgraber in https://github.com/lxc/lxd/pull/9302
    • lxd/qemu: Disable large decrementor on ppc64le by @stgraber in https://github.com/lxc/lxd/pull/9310
    • Storage: Don't log an error when unmount of custom volume is skipped due to being in use by another instance by @tomponline in https://github.com/lxc/lxd/pull/9304
    • lxd/instance/drivers: Add instance type to metrics by @monstermunchkin in https://github.com/lxc/lxd/pull/9305
    • Cluster: Fix cluster member remove tests by @tomponline in https://github.com/lxc/lxd/pull/9303
    • Cluster: Shutdown improvements by @tomponline in https://github.com/lxc/lxd/pull/9311
    • Support custom block and filesystem export for all drivers by @monstermunchkin in https://github.com/lxc/lxd/pull/9300
    • Fix storage volume export for cephfs by @monstermunchkin in https://github.com/lxc/lxd/pull/9312
    • lxc/file: Fix file push help message by @monstermunchkin in https://github.com/lxc/lxd/pull/9313
    • lxd/cgroup: Fix GetIOStats on cgroup2 by @stgraber in https://github.com/lxc/lxd/pull/9315
    • [GH-9248] Restrict protocol version by @masnax in https://github.com/lxc/lxd/pull/9316
    • lxd: add core scheduling support by @brauner in https://github.com/lxc/lxd/pull/9308

    New Contributors

    • @ru-fu made their first contribution in https://github.com/lxc/lxd/pull/9256
    • @regnauld made their first contribution in https://github.com/lxc/lxd/pull/9257
    • @wgrant made their first contribution in https://github.com/lxc/lxd/pull/9264
    • @ricab made their first contribution in https://github.com/lxc/lxd/pull/9266

    Full Changelog: https://github.com/lxc/lxd/compare/lxd-4.18...lxd-4.19

    Source code(tar.gz)
    Source code(zip)
    lxd-4.19.tar.gz(10.94 MB)
    lxd-4.19.tar.gz.asc(833 bytes)
  • lxd-4.18(Sep 3, 2021)

  • lxd-4.17(Aug 6, 2021)

  • lxd-4.0.7(Aug 17, 2021)

  • lxd-4.16(Jul 12, 2021)

  • lxd-4.15(Jun 4, 2021)

  • lxd-4.14(May 18, 2021)

  • lxd-4.0.6(May 6, 2021)

  • lxd-4.13(Apr 12, 2021)

  • lxd-4.12(Mar 5, 2021)

  • lxd-4.11(Feb 5, 2021)

  • lxd-4.10(Jan 8, 2021)

  • lxd-4.9(Dec 11, 2020)

  • lxd-4.8(Nov 12, 2020)

  • lxd-4.0.4(Oct 22, 2020)

  • lxd-4.7(Oct 17, 2020)

  • lxd-4.6(Sep 18, 2020)

  • lxd-4.5(Aug 29, 2020)

Owner
LXC - Linux Containers
Linux container projects
LXC - Linux Containers
Sap Api Integrations Inbound Delivery Reads

sap-api-integrations-inbound-delivery-reads sap-api-integrations-inbound-delivery-reads は、外部システム(特にエッジコンピューティング環境)をSAPと統合することを目的に、SAP API で出荷データ を取得する

Latona, Inc. 2 Jan 10, 2022
Nuclei is a fast tool for configurable targeted vulnerability scanning based on templates offering massive extensibility and ease of use.

Fast and customisable vulnerability scanner based on simple YAML based DSL. How • Install • For Security Engineers • For Developers • Documentation •

ProjectDiscovery 9.2k Aug 7, 2022
DNS server using miekg/dns offering dynamic subdomains, time-over-dns, and standard zone file support.

dns-go DNS server using miekg/dns offering dynamic subdomains, time-over-dns, and standard zone file support. dynamic subdomains web.myapp.192.168.1.1

Jean Ribes 0 Dec 14, 2021
Open Source runtime scanner for Linux containers (LXD), It performs security audit checks based on CIS Linux containers Benchmark specification

lxd-probe Scan your Linux container runtime !! Lxd-Probe is an open source audit scanner who perform audit check on a linux container manager and outp

Chen Keinan 14 May 16, 2022
Kubedock is a minimal implementation of the docker api that will orchestrate containers on a Kubernetes cluster, rather than running containers locally.

Kubedock Kubedock is an minimal implementation of the docker api that will orchestrate containers on a kubernetes cluster, rather than running contain

Vincent van Dam 71 Jul 23, 2022
Go-db-connection-api - API REST in Go that connect to SQL DB and manage task of projects

Go Todo REST API Example A RESTful API example for simple application with Go It

Carlos Andres Toro Guerrero 0 Jan 26, 2022
Dwarka - API gateway offers REST API to manage various device controlled using MQTT protocol

dwarka API gateway offers REST API to manage various device controlled using 'MQ

Krishnaswamy Subramanian 1 Jun 9, 2022
REST based Redis client built on top of Upstash REST API

An HTTP/REST based Redis client built on top of Upstash REST API.

Andreas Thomas 5 Jul 31, 2022
Go (Golang) API REST with Gin FrameworkGo (Golang) API REST with Gin Framework

go-rest-api-aml-service Go (Golang) API REST with Gin Framework 1. Project Description Build REST APIs to support AML service with the support of exte

Tony Aizize 1 Nov 21, 2021
Books-rest api - Simple CRUD Rest API architecture using postgresql db with standard Library

books-rest_api Simple CRUD Rest API architecture using postgresql db with standa

Edho Guntur Adhitama 2 Feb 8, 2022
The rest api that can manage the iptables rules of the remote host

fiewall-api firewall api是基于firewalld来远程管理iptables规则的rest-api,无需部署agent Features 指定一个主机ip,让这个主机上的iptables增加一个规则 处理单个IP或CIDR范围(xx.xx.xx.xx/mask,mac,inte

seal 0 Mar 24, 2022
A microservice gateway developed based on golang.With a variety of plug-ins which can be expanded by itself, plug and play. what's more,it can quickly help enterprises manage API services and improve the stability and security of API services.

Goku API gateway is a microservice gateway developed based on golang. It can achieve the purposes of high-performance HTTP API forwarding, multi tenant management, API access control, etc. it has a powerful custom plug-in system, which can be expanded by itself, and can quickly help enterprises manage API services and improve the stability and security of API services.

Eolink 233 Aug 4, 2022
nerdctl daemon (Docker API)

nerdctld This is a daemon offering a nerdctl.sock endpoint. It can be used with DOCKER_HOST=unix://nerdctl.sock. Normally the nerdctl tool is a CLI-on

Anders Björklund 3 Jun 21, 2022
CetusGuard is a tool that allows to protect the Docker daemon socket by filtering the calls to its API endpoints.

CetusGuard CetusGuard is a tool that allows to protect the Docker daemon socket by filtering the calls to its API endpoints. Some highlights: It is wr

Héctor Molinero Fernández 4 Jul 27, 2022
Experimental code execution microservice based on Docker containers.

ranna ランナー - Experimental code runner microservice based on Docker containers. ⚠ PLEASE READ BEFORE USE First of all, this project is currently work i

ranna 22 Jul 24, 2022
A simple library to extract video and audio frames from media containers (based on libav).

Reisen A simple library to extract video and audio frames from media containers (based on libav, i.e. ffmpeg). Dependencies The library requires libav

NightGhost 53 Jul 20, 2022
Simple Go-based permission setter for containers running as non root users

Simple Go-based permission setter for containers running as non root users

Jacob Alberty 1 May 17, 2022
Furui - A process-based communication control system for containers

furui Communication control of the container runtime environment(now only docker

masibw 17 Mar 26, 2022
REST Layer, Go (golang) REST API framework

REST Layer REST APIs made easy. REST Layer is an API framework heavily inspired by the excellent Python Eve. It helps you create a comprehensive, cust

Olivier Poitrey 1.2k Jul 29, 2022
📖 Build a RESTful API on Go: Fiber, PostgreSQL, JWT and Swagger docs in isolated Docker containers.

?? Tutorial: Build a RESTful API on Go Fiber, PostgreSQL, JWT and Swagger docs in isolated Docker containers. ?? The full article is published on Marc

Vic Shóstak 191 Jul 24, 2022
Provides an interactive prompt to connect to ECS Containers using the ECS ExecuteCommand API.

ecsgo Heavily inspired by incredibly useful gossm, this tool makes use of the new ECS ExecuteCommand API to connect to running ECS tasks. It provides

Ed Smith 35 Jul 26, 2022
Small wrapper for containers/image which exposes a HTTP API to fetch

CLI to expose containers/image fetching via HTTP This is a small CLI program which vendors the containers/image Go library and exposes a HTTP API to f

Colin Walters 2 Nov 1, 2021
An autocompletion daemon for the Go programming language

An autocompletion daemon for the Go programming language VERY IMPORTANT: this project is not maintained anymore, look for alternatives or forks if you

null 5k Jul 30, 2022
dyndns client daemon

README for dyndnscd =================== dyndnscd is the dyndns client daemon. It is a daemon that continually polls for IP address changes an in the

Andreas Krennmair 12 Sep 29, 2021
Resolver (DNS) cache daemon.

RESCACHED(1) Manual Page NAME rescached - DNS resolver cache daemon. Table of Contents SYNOPSIS OPTIONS DESCRIPTION FEATURES BEHIND THE DNS HOW CACHE

Shulhan 28 Jul 30, 2022
A simple daemon which will watch files on your filesystem, mirror them to MFS, automatically update related pins, and update related IPNS keys.

ipfs-sync is a simple daemon which will watch files on your filesystem, mirror them to MFS, automatically update related pins, and update related IPNS keys, so you can always access your directories from the same address. You can use it to sync your documents, photos, videos, or even a website!

null 72 Jun 14, 2022
Kubernetes Reboot Daemon

kured - Kubernetes Reboot Daemon Introduction Kubernetes & OS Compatibility Installation Configuration Reboot Sentinel File & Period Setting a schedul

Weaveworks 1.5k Aug 1, 2022
cod is a completion daemon for bash/fish/zsh

Cod is a completion daemon for {bash,fish,zsh}. It detects usage of --help commands parses their output and generates auto-completions for your shell.

Dmitry Ermolov 419 Aug 2, 2022
A modern IRC server (daemon/ircd) written in Go.

Oragono is a modern IRC server written in Go. Its core design principles are: Being simple to set up and use Combining the features of an ircd, a serv

Oragono 1.8k Aug 3, 2022