News¶
LXD 4.18 リリースのお知らせ¶
3rd of September 2021
はじめに ¶
LXD チームは LXD 4.18 のリリースをお知らせできることにとてもワクワクしています!
今回のリリースは忙しいリリースで、多くの主要な新機能の追加や、さまざまな機能強化、修正が行われています。
Enjoy!
新機能とハイライト ¶
Go モジュールへの移行 ¶
LXD は完全に Go モジュールの使用へと移行しました。この変更はユーザーにはまったく見えないはずです。しかし、Go クライアントパッケージをインポートしたり、LXD のリリースをパッケージングする場合には影響があります。
この変更のために Makefile が更新され、期待通りに動作するはずです。リリース tarball で dist ディレクトリが廃止され、Go がネイティブにサポートする標準的な vendor ディレクトリに置き換えられました。
ネットワーク転送(フローティングIP) ¶
ブリッジと OVN の管理ネットワークでネットワーク転送がサポートされました。
この機能により、ネットワーク自身のサブネットや、(プロジェクトで制限されている場合)プロジェクト内で許可されている外部サブネットからいくつかアドレスを割り当て、ネットワーク内部の任意のアドレスに転送できます。
さらに、ネットワーク転送を使うと、プロトコルとポートをベースに、ひとつのアドレスを複数の内部アドレスに転送できます。
stgraber@dakara:~$ lxc list u1 +------+---------+-----------------------+--------------------------------------------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +------+---------+-----------------------+--------------------------------------------+-----------+-----------+ | u1 | RUNNING | 172.17.250.244 (eth0) | 2602:fc62:b:250:71c2:a0d8:4a72:e17a (eth0) | CONTAINER | 0 | +------+---------+-----------------------+--------------------------------------------+-----------+-----------+ stgraber@dakara:~$ ping 192.168.1.1 PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data. From 170.39.196.149 icmp_seq=1 Destination Net Unreachable --- 192.168.1.1 ping statistics --- 1 packets transmitted, 0 received, +1 errors, 100% packet loss, time 0ms stgraber@dakara:~$ lxc network forward create lxdbr0 192.168.1.1 target_address=172.17.250.244 Network forward 192.168.1.1 created stgraber@dakara:~$ ping 192.168.1.1 PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data. 64 bytes from 192.168.1.1: icmp_seq=1 ttl=64 time=0.110 ms 64 bytes from 192.168.1.1: icmp_seq=2 ttl=64 time=0.049 ms --- 192.168.1.1 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1027ms rtt min/avg/max/mdev = 0.049/0.079/0.110/0.030 ms stgraber@dakara:~$ nc -v 192.168.1.1 3389 nc: connect to 192.168.1.1 port 3389 (tcp) failed: Connection refused stgraber@dakara:~$ lxc list win11 +-------+---------+-----------------------+--------------------------------------------+-----------------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +-------+---------+-----------------------+--------------------------------------------+-----------------+-----------+ | win11 | RUNNING | 172.17.250.173 (eth0) | 2602:fc62:b:250:a7ad:46a9:82b6:50db (eth0) | VIRTUAL-MACHINE | 1 | +-------+---------+-----------------------+--------------------------------------------+-----------------+-----------+ stgraber@dakara:~$ lxc network forward port add lxdbr0 192.168.1.1 tcp 3389 172.17.250.173 stgraber@dakara:~$ nc -v 192.168.1.1 3389 Connection to 192.168.1.1 3389 port [tcp/ms-wbt-server] succeeded! stgraber@dakara:~$ lxc network forward show lxdbr0 192.168.1.1 description: "" config: target_address: 172.17.250.244 ports: - description: "" protocol: tcp listen_port: "3389" target_port: "" target_address: 172.17.250.173 listen_address: 192.168.1.1 location: none
この例では、外部アドレス(192.168.1.1)を転送アドレスとしてローカルブリッジネットワーク(lxdbr0)に追加し、すべてのトラフィックを u1 に流れるように設定しています。その後、3389 番ポートは win11 に送るように再設定しています。
仕様 : https://discuss.linuxcontainers.org/t/lxd-floating-ip-addresses/11801 ドキュメント : https://linuxcontainers.org/lxd/docs/master/network-forwards
ネイティブ BGP サポート ¶
LXD はたくさんのネットワーク設定をサポートしています。それらのいくつかは、インスタンスが直接パブリックアドレスを取得するために使えます。
このようなシナリオでは、個々のアドレスやサブネットを正しい LXD サーバーにルーティングし、サーバーはインスタンスへトラフィックを転送する必要があるでしょう。
これは、ルーターにスタティックなルーティングエントリーを設定して手動で行えます。しかし、多数のエントリーを扱う場合、これは非常にわずらわしく、エラーが発生しやすくなります。
ここでダイナミックルーティングと BGP の登場です。BGP をサポートすることで、LXD は関連する上流のルーターに直接接続でき、その後使用するすべての外部アドレスとサブネットのアナウンスを開始します。
これは一連の新しい設定オプションを使って設定します。 サーバーの設定レベルでは、これらは次の設定です。
- core.bgp_address
- core.bgp_asn
- core.bgp_routerid
ネットワークレベルでは、次の設定です(ブリッジもしくは OVN アップリンクネットワーク)。
- bgp.peers.NAME.address
- bgp.peers.NAME.asn
- bgp.peers.NAME.password (optional)
- bgp.ipv4.nexthop (optional, bridge only)
- bgp.ipv6.nexthop (optional, bridge only)
これにより、LXD はピアリングセッションを確立し、すべての外部(非NAT)IPv4 と IPv6 アドレスとサブネットを広告しはじめます!
fw-wan01# show bgp summary· IPv4 Unicast Summary: BGP router identifier 45.45.148.250, local AS number 399760 vrf-id 0 BGP table version 200 RIB entries 39, using 7488 bytes of memory Peers 4, using 85 KiB of memory Peer groups 4, using 256 bytes of memory Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd PfxSnt 45.45.148.251 4 399760 19844 19843 0 0 0 4d22h57m 1 4 45.45.148.252 4 399760 19850 19849 0 0 0 5d19h19m 1 4 45.45.148.254 4 64600 19838 19838 0 0 0 01w6d18h 2 0 2602:fc62:b:1000:5436:5b25:64e4:d81a 4 399760 39020 38840 0 0 0 00:15:09 3 0 Total number of neighbors 4 IPv6 Unicast Summary: BGP router identifier 45.45.148.250, local AS number 399760 vrf-id 0 BGP table version 197 RIB entries 47, using 9024 bytes of memory Peers 4, using 85 KiB of memory Peer groups 4, using 256 bytes of memory Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd PfxSnt 2602:fc62:b:101::251 4 399760 19844 19843 0 0 0 4d22h56m 1 3 2602:fc62:b:101::252 4 399760 19850 19849 0 0 0 5d19h19m 1 3 2602:fc62:b:101::254 4 64600 19838 19839 0 0 0 01w6d18h 1 3 2602:fc62:b:1000:5436:5b25:64e4:d81a 4 399760 39020 38840 0 0 0 00:15:09 3 0 Total number of neighbors 4
これは 2602:fc62:b:1000:5436:5b25:64e4:d81a が LXD サーバーである場合の、私の BGP ルーターのひとつからのビューです。見てわかるように、3 つの IPv4 と IPv6 プレフィックスを BGP でアナウンスしています。
仕様 : https://discuss.linuxcontainers.org/t/lxd-bgp-address-route-advertisement/11567 ドキュメント : https://linuxcontainers.org/lxd/docs/master/networks#bgp-integration
OVN での NAT アドレスのカスタマイズ ¶
ovn タイプのネットワークで、IPv4.nat.address と ipv6.nat.address の両方がサポートされるようになりました。
これは、NAT が有効な場合、OVN で設定されたアドレスを、外向きの IPv4 と IPv6 のトラフィックのソースとして使用する場合に期待通りに動作します。
クラスターのディザスターリカバリーのための lxd cluster edit コマンド ¶
LXD クラスターを、高可用クラスターで操作するには、3 データーベースサーバー、2 クォーラムから構成されるクォーラムが必要です。これにより、サーバーがひとつ失われても、API とデータベース全体が維持できます。
もし、2 台のマシンがリカバリー不能なダメージを受けて復帰できなかった場合、LXD はクォーラムに到達できないために起動を拒否します。この場合、既存の lxd cluster recovery-from-quorum-loss コマンドにより、他のサーバーを除去するためにデータベースの設定を書き換えることで対処できます。
しかし、8 台からなるクラスターで、3 台がデータベースサーバー、2 台がスタンバイのデータベースサーバー、他の 3 台がシンプルなクライアントであるような、はるかに複雑なケースも考えられます。
同時に 2 台のデータベースサーバーが消滅した場合、LXD は機能しません。しかしこのような環境では、すべての他のサーバーを削除し、ひとつを残して、そこから回復させるようなことは望めません。
このようなシナリオでは、新しく追加された lxd cluster edit と lxd cluster show が役立ちます。これらのコマンドで、各サーバー上の内部的なクラスター設定を見て編集できます。これらを使って、手動でロールを再度シャッフルしたり、ネットワークアドレスを更新したりできます。クラスター内の全サーバーで変更が済むと、LXD を再び起動できます。
ドキュメント : https://linuxcontainers.org/lxd/docs/master/clustering#recover-cluster-members-with-changed-addresses
カスタムボリュームでの Refresh のサポート ¶
lxc storage volume copy コマンドで、lxc copy と同様に --refresh オプションが使えるようになりました。
これにより、足りないスナップショットを転送したり、現在のボリュームの状態を転送したりできます。そして、ボリュームの最新のバックアップを別のプールや別のサーバーに保持するために使えます。
プロジェクトでのデバイス制限の追加 ¶
プロジェクトに対する制限が更新され、これまで使えなかったデバイスタイプが 2 つ追加されました。
新しい設定オプションは次の通りです:
restricted.devices.pcirestricted.devices.proxy
両方とも、信頼できないユーザーにとっては安全ではないと考えられますので、デフォルト値は block です。
ドキュメント : https://linuxcontainers.org/lxd/docs/master/projects
lxd init の --minimal オプション ¶
lxd init に新たに --minimal オプションが追加されました。
これは、実際は lxd init --auto と同じですが、より正確な名前で追加の設定パラメーターを許可しないコマンドになっています。
これを使うと、default という名前の dir ストレージプールと、lxdbr0 という名前の bridge タイプのネットワークを使って動作する LXD サーバーになります。
インスタンスの状態へいくつかネットワークカウンターを追加 ¶
メトリクス(prometheus)エンドポイントの作業に備えて、インスタンス上のネットワークカウンターを少し拡張し、ドロップしたパケットとエラーの両方を含めるようにしました。
stgraber@dakara:~$ lxc query /1.0/instances/u1/state | jq .network.eth0.counters
{
"bytes_received": 100946,
"bytes_sent": 3404,
"errors_received": 0,
"errors_sent": 0,
"packets_dropped_inbound": 0,
"packets_dropped_outbound": 0,
"packets_received": 467,
"packets_sent": 32
}
すべての変更点(翻訳なし) ¶
このリリースでの完全な変更点のリストは次の通りです:
- global: Disable the completion command
- lxd/instance/lxc: Rework raw.lxc handling
- lxd/storage/zfs: Fix bad key name
- lxd/storage/zfs: Fix ListVolumes to use correct pool name
- lxd/instance: Don't allow state changes when evacuated
- lxd/daemon: Don't auto-start instances when evacuated
- lxd/instance: Rework IsMigratable
- lxd/device: Add CanMigrate
- lxd/instance: Move IsMigratable logic to devices
- lxd/instance/common: Fix error message
- lxd/cluster: Fix volatile race in restore
- tests: Fix expected clustering evacuation result
- i18n: Update translations from weblate
- lxd/cluster/evacuation: Improve comments
- lxd/cluster/evacuation: Use correct project in migration
- lxd/cluster/evacuation: Don't start running instances
- lxd/cluster/evacuation: Improve status messages
- lxd/cluster/evacuation: Fix shutdown during restore
- lxd/cluster/evacuation: Start with restoring local instances
- doc/instances: Clarifies expectation of uniqueness for volatile.uuid
- lxd/instance/instance/utils: Allow cross-project same instance matching on volatile.uuid in IsSameLocgicalInstance
- lxd: Fix typo in spelling of IsSameLogicalInstance
- lxd/device/nic/routed: Specify zero broadcast address
- test: Add test for routed NIC to ensure broadcast address isn't set by liblxc
- lxd/network/driver/ovn: Error quoting in Validate
- lxd/network/driver/ovn: Adds externalSubnetUsage type
- lxd/network/driver/ovn: Improve comments in Validate
- lxd/network/driver/ovn: Update ovnNetworkExternalSubnets to return externalSubnetUsage
- lxd/network/driver/ovn: Updates ovnNICExternalRoutes to return externalSubnetUsage
- lxd/network/driver/ovn: Adds getExternalSubnetInUse function
- lxd/network/driver/ovn: n.getExternalSubnetInUse usage in Validate
- lxd/network/driver/ovn: n.getExternalSubnetInUse usage in InstanceDevicePortValidateExternalRoutes
- api: Adds network_ovn_nat_address extension
- lxd/network/driver/ovn: Adds network external NAT address detection to ovnNetworkExternalSubnets
- lxd/network/driver/ovn: Adds ipv4.nat.address and ipv6.nat.address support to OVN networks
- lxd/network/driver/ovn: Skip our own network's external NAT address during NIC validation of external routes
- doc/networks: Adds ipv{n}.nat.address to ovn network
- lxd/project/permissions: Removes defaultRestrictionsValues and merges into allRestrictions
- lxd/project/permissions: Add restricted.devices.{pci,proxy} defaulting to block
- doc/projects: Adds restricted.devices.{pci,proxy} docs
- lxd/api/project: Add restricted.devices.{pci,proxy} validation
- scripts/bash/lxd-client: Adds restricted.devices.{pci,proxy} to bash completion
- lad/project/permissions: Implement restricted.devices.{pci,proxy} restrictions
- lxd/device/device/utils/proxy: Improve error messages from ProxyParseAddr
- lxd/device/proxy: Use validation helpers for clarity
- lxd/device/proxy: Consistent error endings
- lxd/device/proxy: Don't allow NAT mode when used inside projects with networks feature
- lxd: Switch to new fsnotify
- lxd/device/gpu_mdev: Switch to common UUID package
- lxd/network/errors: ErrUnknownDriver comment ending
- lxd/network/errors: Adds ErrNotImplemented error
- lxd/device/device/utils/network: Removes networkParsePortRange
- lxd/network/network/utils: Adds ParsePortRange function
- lxd/device/device/utils/proxy: network.ParsePortRange usage
- global: Use shorter uuid generation syntax
- lxd/init: Introduce --minimal
- lxc: join tokens are removed by member name, not token
- i18n: Update translation template
- lxd/init: Allow preseeding cluster_token
- lxd/main: Replace cluster node with cluster member
- shared/validate: Fix IPv6 wildcard handling in IsListenAddress
- lxd/device/gpu_mdev: Fix mdevUUID logic
- lxd/response: Rework SmartError to handle wrapped errors from stdlib errors and github.com/pkg/errors
- lxd/storage/pools: Use SmartError in storagePoolsPost
- lxd/storage/pools/utils: Wrap errors in storagePoolDBCreate
- lxd/db/transaction: Adds QueryScan helper function
- lxd/db/network/acls: Convert to use tx.QueryScan and tx.tx.QueryRow
- test: Update tests with new error text
- lxd/storage/backend/lxd: Allow removal of quota from VM filesystem volume if main quota is removed
- lxd/storage/drivers/driver/btrfs/volumes: Add log for VM block file quota accounting in SetVolumeQuota
- lxd/storage/drivers/driver/dir/volumes: Add log for VM block file quota accounting in SetVolumeQuota
- lxd/storage/drivers/driver/btrfs/volumes: Consistently apply referenced limit only and remove exclusive limits in SetVolumeQuota
- lxd/network/bridge: Comments
- shared/validate: Add IsInRange
- lxd/endpoints: Correct bad comment
- lxd/endpoints: Rename serveHTTP to serve
- doc/rest-api: Refresh swagger YAML
- lxd/network/network/utils: Check end port is higher than start port in ParsePortRange
- lxd/network/network/utils: Adds SubnetContainsIP function
- lxc/network/acl: Fix typos in RunRemove
- lxd/cluster/recover: add Recover
- lxd/cluster/recover: add updateLocalAddress
- shared/api/error: Adds StatusError type
- lxd/response/smart: Updates SmartError to detect and use api.StatusError type errors
- lxd/network/driver/ovn: Update validateExternalSubnet to use api.StatusErrorf()
- client/lxd: Updates lxdParseResponse to "interface smuggle" an api.StatusError type when getting an error response from API
- lxd/storage/backend/lxd: Restore pool directory structure on mount if needed
- test: Update container recovery tests to check for pool directory structure rebuild
- lxd/db/db: add DqliteLatestSegment
- lxd/main/cluster: add ClusterConfig and ToRaftNode
- lxd/cluster: Drop translated string
- lxd/main/cluster: add 'lxd cluster edit' command
- lxd/main/cluster: add validateNewConfig
- test/suites/clustering: add test_clustering_edit_configuration
- lxd/main/cluster: add 'lxd cluster show' command
- lxd/rbac: Drop old API
- lxd/api_1.0: Improve structure
- lxd/daemon: Improve structure
- lxd/network/physical: Align with bridged
- gomod: Initial port
- tests: Silence grep notices
- doc/index: Clarify CRIU example
- doc/index: Update for gomod
- Makefile: Tweak PHONY targets
- Makefile: Tweak static-analysis
- Makefile: Switch to gomod
- tests: Update for gomod
- github: Update for gomod
- gomod: Update dependencies
- lxd/db/network/acls: Removes unnecessary function
- lxd/db/network/acls: Removes networkACLConfig from Cluster type for consistency with networkACLConfigAdd
- lxd/network/driver/common: Updates validate to use shared.IsUserConfig
- Makefile: Cleanup if statements
- Makefile: Add support for LXD_OFFLINE
- client/util: Adds urlsToResourceNames function
- client: Switch *Names functions to use urlsToResourceNames
- doc/instances: Capitalize NIC
- lxd/device/nic_bridged: Load network during validation
- gomod: Update for gobgp
- api: network_bgp
- doc: Add new configuration keys for BGP
- lxd/device/nic_bridged: Support ipv4.routes.external and ipv6.routes.external
- scripts: Add BGP config keys
- lxd/node: Add core.bgp_address and core.bgp_routerid
- lxd/cluster: Add core.bgp_asn
- lxd/bgp: Add BGP server
- lxd/daemon: Integrate BGP server
- lxd/network: Add BGP config keys
- lxd/network: Add BGP helpers
- lxd/network/physical: Add BGP support
- lxd/network/bridge: Add BGP support
- lxd/network/ovn: Add BGP support
- lxd/device: Shared BGP functions
- lxd/device/nic_bridged: Add BGP support
- lxd/device/nic_ovn: Add BGP support
- doc/networks: Add section on BGP
- lxd/firewall/drivers/driver/consts: Adds AddressForward type
- lxd/firewall/firewall/interface: Updates InstanceSetupProxyNAT to accept AddressForward
- lxd/firewall/drivers/driver/xtables: Updates to support AddressForward
- lxd/firewall/drivers/drivers/nftables: Updates to support AddressForward
- lxd/firewall/drivers/drivers/nftables: Separate DNAT rules from SNAT rules in InstanceSetupProxyNAT
- lxd/device/config/device/proxyaddress: Separate address and ports in ProxyAddress
- lxd/device/device/utils/proxy: Updates ProxyParseAddr to support new ProxyAddress format
- lxd/device/proxy: Updated to support firewallDrivers.AddressForward and ProxyAddress changes
- lxd/main/forkproxy: Updates to support changed ProxyAddress
- lxd/main/forkproxy/test: Updates tests to reflect new ProxyAddress structure
- Makefile: Use go env GOPATH command to get GOPATH rather than env var GOPATH
- Makefile: Build lxd-generate directly to $(GOPATH)/bin/lxd-generate
- lxd/db/generate/lex/parse: Remove github.com/pkg/errors dependency
- lxd/db/generate/lex/parse: Updates Parse to take an absolute path to package directory
- lxd/db/generate/lxd/parse/test: Updates TestParse
- lxd/db/generate/db/parse: Updates Packages and defaultPackages to work relative to the LXD source tree
- lxd: implement volume import/export for CephFS
- lxd/main: Add setfattr to dependencies
- lxc/info: Use local timezone
- test/suites/clustering: use 'lxd cluster show' for tests
- lxd/cluster/membership: make waitLeadership public
- shared/api/error: Removes pointer receivers from StatusError functions
- shared/api/error: Adds StatusErrorMatch helper function
- lxd/response/smart: api.StatusErrorMatch usage in SmartError
- Makefile: Set GO111MODULE=on for update-api
- client/util: Update urlsToResourceNames to reduce allocations
- lxd/network/network/utils: Adds ParseIPToNet and ParseIPCIDRToNet functions
- api: Adds network_forward extension
- shared/api/network/forward: Adds shared structs for network address forwards
- lxd/lifecycle/network/forward: Adds network forwards lifecycle helper
- lxd/db/cluster/update: Adds updateFromV49 to create networks_forwards and networks_forwards_config table
- lxd/db/network/forwards: Adds network forward management functions
- lxd/db/network/forwards: Adds GetProjectNetworkForwardListenAddressesByUplink function
- lxd/network/network/interface: Adds network forward management definitions
- lxd/network/driver/common: Adds AddressForwards to Info
- lxd/network/driver/common: Adds common network forward functions
- lxd/network/openvswitch/ovn: Adds LoadBalancerApply function
- lxd/network/openvswitch/ovn: Adds LoadBalancerDelete function
- lxd/network/driver/ovn: Updates getExternalSubnetInUse to detect network forward listen addresses
- lxd/network/driver/ovn: Adds network forward support
- lxd/network/driver/ovn: Delete network forwards when network is deleted
- lxd/network/driver/ovn: Check that any existing forward target addresses are within the network's subnet(s) in Validate
- lxd/network/driver/ovn: Update Info to get common defaults and override as needed
- lxd/network/forwards: Adds network forwards APIs
- client/lxd/network/forward: Adds network forwards functions
- lxc/network/forward: Adds network forward CLI commands
- i18n: Update translation template
- doc/rest-api: Refresh swagger YAML
- doc: Adds network forward docs
- lxd/api/cluster: handover leadership when removing leader
- test/suites/clustering: add test_clustering_remove_leader
- lxd/util/sys: add ReplaceDaemon
- lxd/api/cluster: replace daemon when disabling clustering
- api: custom_volume_refresh
- shared/api: Add Refresh to StorageVolumeSource
- doc/rest-api: Refresh swagger YAML
- client: Add Refresh flag to StoragePoolVolumeCopyArgs
- lxd/storage: Improve errors
- lxd/storage/utils: Add SyncSnapshotsVolumeGet
- lxd/storage: Fix Refresh with CreateCustomVolumeFromMigration
- lxd/storage: Add RefreshCustomVolume method for lxdBackend
- lxd/migrate: Add refresh for custom volumes
- lxd/storage: Add Refresh support for custom volumes
- lxc/storage/volume: Add refresh flag to copy
- i18n: Update translation templates
- tests: Add test cases for copy operation refresh flag
- doc/index: Update min packages required to operate LXD
- doc/index: Add recommendation about min memory size needed
- doc: Don't assume that Go's bin path is ~/go/bin
- doc/requirements: Adds minimum memory requirements to build
- lxd/network/network/utils: Adds nicUsesNetwork function
- lxd/network/driver/ovn: Parse multiple CIDR routes in ovnNICExternalRoutes
- lxd/network/driver/common: Moves externalSubnetUsage to common
- lxd/network/driver/ovn: Removes externalSubnetUsage
- lxd/network/driver/ovn: externalSubnetUsage updated usage
- lxd/network/driver/ovn: Updates ovnNetworkExternalSubnets to use nicUsesNetwork function
- lxd/db/network/forwards: Corrects description of GetProjectNetworkForwardListenAddressesByUplink
- lxd/db/network/forwards: Consistent formatting in GetProjectNetworkForwardListenAddressesByUplink
- lxd/util/net: add IsWildcardAddress
- lxd/api/cluster: block core.https_address wildcard in cluster bootstrap
- doc/clustering: add 'lxd cluster edit' documentation
- lxd/endpoints/network: don't give up if no network listeners exist
- lxd/endpoints/cluster: check for unset networkAddress before returning
- lxd/endpoints/endpoints: fallback from network to cluster address
- lxd/node/config: assign default port to listener addresses if none given
- test/suites/clustering: expand tests to check listener addresses
- lxc/main/aliases: Fix panic when empty argument passed to lxc command
- test: Improve container devices proxy xtables tests
- test: Fix tabbing in container devices proxy test
- shared/api: Add Errors{Received,Sent} to network counters
- shared/netutils: Fill Errors counters
- doc: Update Rest API
- test: Improve error checks for proxy device
- lxd/db/network/forwards: Improve comments
- lxd/db/network/forwards: Adds memberSpecific arg to GetNetworkForwardListenAddresses
- lxd/db/network/forwards: Adds memberSpecific arg to GetNetworkForwards
- lxd/network/forwards: cluster.GetNetworkForwards usage
- lxd/network/forwards: cluster.GetNetworkForwardListenAddresses
- lxd/network/driver/ovn: n.state.Cluster.GetNetworkForwards usage
- lxd/network/driver/ovn: n.state.Cluster.GetNetworkForwardListenAddresses usage
- lxd/firewall/drivers/drivers/nftables: Rework InstanceSetupProxyNAT to accommodate network forward support
- lxd/firewall/drivers/drivers/xtables: Fix proxy NAT listen port in InstanceSetupProxyNAT
- api: Add network_counters_errors extension
- lxd/network/network/utils: Adds BridgeNetfilterEnabled function
- lxd/device/proxy: network.BridgeNetfilterEnabled usage
- lxd/device/nic/bridged: network.BridgeNetfilterEnabled usage
- lxd/device/proxy: Improve connect IP error messages
- shared/api: Add PacketsDropped{Inbound,Outbound} to network counter
- shared/netutils: Fill Dropped counters
- doc: Update Rest API
- api: Extend network_counters_errors API extension
- lxd/device/proxy: Improve post-start error messages to include device name
- lxd/device/proxy: Use structured logging for br_netfilter warning in setupNAT
- Remove mkdocs.yml
- .github/workflows: Update go versions
- lxd/network/network/utils: Exports NICUsesNetwork
- lxd/network/driver/ovn: NICUsesNetwork usage
- lxd/device/nic/bridged: network.NICUsesNetwork usage in validate
- lxd/firewall/firewall/interface: Add NetworkApplyForwards definition
- lxd/firewall/drivers/drivers/nftables: Adds NetworkApplyForwards implementation
- lxd/firewall/drivers/drivers/nftables: Updates NetworkClear to remove address forward chains
- lxd/firewall/drivers/drivers/xtables: Updates iptablesClear to support removing rules by matching multiple comments
- lxd/firewall/drivers/drivers/xtables: Adds networkForwardIPTablesComment and updates NetworkClear to remove rules with that comment
- lxd/firewall/drivers/drivers/xtables: Adds iptablesCommentPrefix
- lxd/firewall/drivers/drivers/xtables: Adds NetworkApplyForwards implementation
- lxd/db/network/forwards: Adds GetProjectNetworkForwardListenAddressesOnMember function
- lxd/network/driver/bridge: Adds network forward support
- lxd/device/nic/bridged: Consistent comment ending
- lxd/device/nic/bridged: Enable hairpin mode on NIC ports when network has forwards
- doc: Add bridge network forwards docs
- test: Adds network forward tests for bridge nftables and xtables
- lxc/copy: Don't allow --refresh and --no-profiles
- i18n: Update translation templates
- lxc/cluster: Comment improvement
- lxd/api/cluster: Adds mutex to clusterNodesPost to prevent concurrent requests creating duplicates
- gomod: Update dependencies
- i18n: Update translations from weblate
試用環境 ¶
この新しい LXD リリースは私たちの デモサービス で利用できます。
ダウンロード ¶
このリリースの tarball は ダウンロードページ から取得できます。
ビルド済みバイナリーは次のように使えます:
- Linux: snap install lxd
- MacOS: brew install lxc
- Windows: choco install lxc
LXD 4.17 リリースのお知らせ¶
6th of August 2021
はじめに ¶
LXD チームは LXD 4.17 のリリースをお知らせできることにとてもワクワクしています!
このリリースはいくつか主要な機能が含まれています。それは、再構築したディザスターリカバリーメカニズム、クラスターメンバーの待避を実行できる機能です。それに加えて、lxc info が少し見直されました。そして、event と resource API 関連で多数の細かい改良が加えられています。
LXD 4.17 は私たちの新しい仕様書プロセスを通った主要機能を持った初めてのリリースです。関連する仕様書は次の URL にリンクされており、仕様書の全リストを見ることができます: https://discuss.linuxcontainers.org/c/specifications/18
Enjoy!
新機能とハイライト ¶
lxd import の新コマンド lxd recover への置き換え ¶
長い間、LXD のディザスターリカバリーストーリーは lxd import コマンドに基づいていました。これは、指定したインスタンスをファイルシステム上の期待されるパスで探し、インスタンスストレージに含まれる backup.yaml を読み、その情報に基づいてインスタンスのデータベースのエントリーを再作成します。
この機能は確かに動作しており、何らかの理由で LXD データベースを失った場合にうまく使われてきていました。しかし、この機能はインスタンスに限定されており、LXD で読み込んだりインポートできるように、インスタンスのファイルシステムを適切な場所に配置するために、かなりの手作業が必要でした。
このコマンドは新たに lxd recover コマンドにすべて置き換えられました。このコマンドは lxd init と同様な対話型のコマンドです。インスタンスとカスタムストレージボリュームの両方がインポートでき、既存のストレージプールと失われたストレージプールの両方をサポートしています。
lxd recover では、まずは既存のストレージプールの概要を表示します。それから、失われたストレージプールを追加できます。次にすべてのストレージプールをスキャンして、不足しているインスタンスやカスタムストレージボリュームを探します。スキャンの一部として、不足している依存関係(プロファイル、プロジェクト、ネットワークなど)も報告します。ユーザーはこれらの不足している依存関係を追加する機会を得た後、インポートを進められます。
この機能に関連する仕様書: https://discuss.linuxcontainers.org/t/lxd-new-disaster-recovery-tool/11296
クラスターメンバーの待避(evecuation) ¶
プロダクション環境のクラスターメンバーはすべて、いつかはメンテナンスが必要になるでしょう。 定例のシステム更新やハードウェアのメンテナンスなど、管理者がシステム上のすべてのインスタンスを停止させるか移動させる必要がある場合があります。
それが、新しいクラスター待避 API と CLI で簡単にできるようになりました。
管理者は単に lxc cluster evacuate lxd01 と実行するだけで、lxd01 上のすべてのインスタンスを他のクラスターメンバーにマイグレーションしたり、停止させたりできるようになりました。
デフォルトの動作は、対象となるインスタンスがローカルリソースを使用していて、マイグレーションができない場合をのぞいて、マイグレーションしようとします。マイグレーションできない場合は、代わりに停止させます。この動作は cluster.evacuate 設定オプションで制御できます。
システムが完全にオンラインに戻った場合、lxc cluster restore lxd01 を実行すると、移動したインスタンスはすべて戻り、すべてのインスタンスが復帰します。
この機能に関連する仕様書: https://discuss.linuxcontainers.org/t/lxd-cluster-member-evacuation/11330
lxc info 出力の見直し ¶
lxc info の出力がかなり見直されました。もっとも目に付く変更はスナップショットやバックアップのリストを表示する表になるでしょう。
それに加えて、ネットワーク情報と統計情報を整理し、拡張しました。また、メモリーとディスク情報に IEC 単位系を使うようになりました。
この結果、次のようになります:
Name: a1
Status: RUNNING
Type: container
Architecture: x86_64
PID: 3479583
Created: 2021/08/04 22:33 UTC
Last Used: 2021/08/04 22:33 UTC
Resources:
Processes: 5
Disk usage:
root: 532.00KiB
CPU usage:
CPU usage (in seconds): 4
Memory usage:
Memory (current): 2.28MiB
Memory (peak): 3.99MiB
Network usage:
eth0:
Type: broadcast
State: UP
Host interface: vethf604ab4a
MAC address: 00:16:3e:e2:d8:96
MTU: 1500
Bytes received: 107.93kB
Bytes sent: 28.14kB
Packets received: 930
Packets sent: 206
IP addresses:
inet: 10.166.11.136/24 (global)
inet6: fd42:4c81:5770:1eaf:216:3eff:fee2:d896/64 (global)
inet6: fe80::216:3eff:fee2:d896/64 (link)
lo:
Type: loopback
State: UP
MTU: 65536
Bytes received: 0B
Bytes sent: 0B
Packets received: 0
Packets sent: 0
IP addresses:
inet: 127.0.0.1/8 (local)
inet6: ::1/128 (local)
Snapshots:
+-------+----------------------+----------------------+----------+
| NAME | TAKEN AT | EXPIRES AT | STATEFUL |
+-------+----------------------+----------------------+----------+
| snap0 | 2021/08/04 22:33 UTC | 2030/01/01 00:00 UTC | NO |
+-------+----------------------+----------------------+----------+
| snap1 | 2021/08/04 22:33 UTC | | NO |
+-------+----------------------+----------------------+----------+
Backups:
+---------+----------------------+----------------------+---------------+-------------------+
| NAME | TAKEN AT | EXPIRES AT | INSTANCE ONLY | OPTIMIZED STORAGE |
+---------+----------------------+----------------------+---------------+-------------------+
| backup0 | 2021/08/04 22:33 UTC | | NO | NO |
+---------+----------------------+----------------------+---------------+-------------------+
| backup1 | 2021/08/04 22:39 UTC | | NO | YES |
+---------+----------------------+----------------------+---------------+-------------------+
| backup2 | 2021/08/04 22:40 UTC | | YES | NO |
+---------+----------------------+----------------------+---------------+-------------------+
| backup3 | 2021/08/04 22:40 UTC | 2031/03/23 21:38 UTC | NO | NO |
+---------+----------------------+----------------------+---------------+-------------------+
ライフサイクルイベント中のリクエスト元アドレス ¶
現在ライフサイクルイベントの一部として記録されているプロトコルとユーザー名に加えて、リクエスト元の IP アドレスも記録されるようになりました。
location: abydos
metadata:
action: instance-restarted
requestor:
address: '[2602:fc62:b:1000:ea29:c5e9:8544:e32d]:36276'
protocol: candid
username: stgraber@stgraber.net
source: /1.0/instances/nsd01?project=core
timestamp: "2021-08-06T04:53:17.571633526Z"
type: lifecycle
リソース API 内の USB GPU サポート ¶
LXD のリソース API(lxc info --resources)が、DisplayLink チップベースの GPU と同様に、適切に USB GPU を表示するようになりました。
gpu:
cards:
- driver: evdi
driver_version: 5.11.0-7620-generic
drm:
id: 0
card_name: card0
card_device: "226:0"
control_name: controlD64
control_device: "226:0"
numa_node: 0
usb_address: "2:6"
lxc monitor を使った全プロジェクトのモニタリング ¶
新たに lxc monitor に --all-projects オプションが追加されました。これは名前の通り現在のプロジェクトだけでなく、すべてのプロジェクトのイベントを監視できます。
lxc monitor のフォーマットオプション ¶
さらに lxc monitor に、--format オプションが追加されました。このオプションには 3 種類の出力が指定できます:
pretty(--prettyと同じ)yaml(デフォルトと同じ動作)json
すべての変更点(翻訳なし) ¶
このリリースでの完全な変更点のリストは次の通りです:
- shared/api: Add Address field to EventLifecycleRequestor
- lxd/api/1.0: Wait until LXD fully started before applying API changes in doApi10UpdateTriggers
- lxc/cluster: Fix bad format string
- i18n: Update translation template
- lxd/daemon: No need to call vmMonitor anymore as its served by devicesRegister
- lxd/devices: Add logging to devicesRegister
- lxd/instances: Remove unused vmMonitor
- shared/instance: Adds volatile.last_state.vsock_id to validation
- lxd/instance/drivers/driver/qemu: Adds volatile.last_state.vsock_id volatile key
- doc/instances: Documents volatile.last_state.vsock_id key
- client: Make staticcheck happy
- lxd-p2c: Make staticcheck happy
- lxc-to-lxd: Make staticcheck happy
- lxd-agent: Make staticcheck happy
- lxc/list: Use EqualFold for case-insensitive compare
- lxc: Make staticcheck happy
- lxd/instance/instance/utils: Adds cleanLogDir bool argument to CreateInternal
- lxd/request: Support for Address field
- api: event_lifecycle_requestor_address
- lxd: instance.CreateInternal usage
- doc: Renames volatile.last_state.vsock_id to volatile.vsock_id
- lxd/instance/drivers/driver/qemu: Renames volatile.last_state.vsock_id to volatile.vsock_id
- shared/instance: Renames volatile.last_state.vsock_id to volatile.vsock_id
- lxd/db/generate/file/write: add alternate build comment to generated files
- Makefile: add go formatting for update-schema
- lxd/db/generate/db/stmt: replace naturalKeyWhere with whereClause
- lxd/db/generate/db/parse: use kind parameter for Filter generation
- lxd/db/generate/db/method: pass query kind to Filter
- lxd/db/generate/db/stmt: use delete-by statements with Filter instead of only by id
- lxd/db/generate/db/method: use and handle Filter as parameter for Delete method
- lxd/db/generate/db/method: make Delete into DeleteOne and DeleteMany
- lxd/db/certificates: add new entries for code generation
- lxd/db/certificates: add delete-by fields to CertificateFilter
- lxd/db/certificates: remove old DeleteCertificateByNameAndType
- lxd/db/certificates.mapper: add new generated code
- lxd/db/certificates: use Filter as parameter for delete
- lxd/cluster/membership: use Filter as parameter for delete
- lxd/db/profiles: add new entries for code generation
- lxd/db/profiles.mapper: add new generated code
- lxd/api/project: use Filter as parameter for delete
- lxd/instance/test: use Filter as parameter for delete
- lxd/patches: use Filter as parameter for delete
- lxd/profiles: use Filter as parameter for delete
- lxd/db/snapshots: add new entries for code generation
- lxd/db/snapshots.mapper: add new generated code
- lxd/db/instances: add new entries for code generation
- lxd/db/instances.mapper: add new generated code
- lxd/db/instances: use Filter as parameter for delete
- lxd/db/projects: add new entries for code generation
- lxd/db/projects.mapper: add new generated code
- lxd/api/project: use Filter as parameter for delete
- lxd/node: Improve error handling
- shared/validate: Add IsListenAddress
- lxd/lxd: Validate https address for config key core.https_address
- lxd/storage/ceph: Improve version parsing
- lxd/device: Fix duplicate MAC test
- lxd/db/operations: add OperationFilter and operation database fields
- lxd/db/operations: add new entries for code generation
- lxd/db/generate/db/mapping: add OperationType as valid type for mapping
- lxd/db/generate/db/parse: support pointers
- lxd/db/generate/db/stmt: add create-or-replace statement functionality
- lxd/db/generate/db/method: add CreateOrReplace method functionality
- lxd/db/operations: remove hard-coded functions
- lxd/db/generate/db/parse: handle 'omit' tag
- lxd/db/generate/db/method: pass mapping kind to Parse for 'omit' tag
- lxd/db/generate/db/stmt: pass mapping kind to Parse for 'omit' tag
- lxd/db/generate/db/parse/test: pass mapping kind to Parse for 'omit' tag
- lxd/db/operations.mapper: add new generated code for operations
- lxd/db/transaction: add GetNodeID
- lxd/cluster/membership: use filter parameter for generated operation methods
- lxd/db/db: use filter parameter for generated operation methods
- lxd/db/entity: use filter parameter for generated operation methods
- lxd/db/operations/test: use filter parameter for generated operation methods
- lxd/operations: use filter parameter for generated operation methods
- lxd/operations/linux: use filter parameter for generated operation methods
- Revert "lxd/device: Fix duplicate MAC test"
- lxd/device/nic/bridged: util.SplitNTrimSpace usage
- lxd/device/nic/bridged: Improve vlan tagged error message
- lxd/device/nic/bridge: Validate that vlan and vlan.tagged dont use VLAN 0 when using a managed native linux bridge
- lxd/node: Relax constraint on cluster address
- lxd/device/nic/bridged: Exclude NICs that are different type from MAC/IP duplicate checks
- lxd/device/nic/bridge: Extend parent network exclusions for duplicate MAC/IP checks
- test: Updates bridged duplicate MAC/IP tests
- lxd/instance/drivers/qmp/commands: Fixes potential crash in QueryPCI
- lxd/instance/lxc: Fix swappiness calculation
- lxd/cluster/info: Increase loadInfo log level for starting local DB
- lxd/daemon: Modify LXD is starting message to use contextual logging
- lxd/daemon: Move to contextual logging in init
- lxd/daemon: Use logger/Debug/Info/logger.Warn rather than logger.Debugf/Infof/Warnf
- lxd/daemon: Increase some cluster startup/upgrade messages to Warn from Info in init
- lxd/daemon: Upper case first letter in error in init
- lxd/storage: Better logging and errors in setupStorageDriver
- lxd/storage/utils: Removes VolumeDBTypeToTypeName as unused
- lxd/storage/drivers/volume: Config comment improvement
- lxd/storage/drivers/volume: Rename customMountPath to mountCustomPath
- lxd/storage/drivers: vol.mountCustomPath usage
- lxd/storage/drivers/volume: Adds mountFilesystemProbe and SetMountFilesystemProbe function
- lxd/storage/drivers/utils: fsUUID simplification
- lxd/storage/drivers/utils: Adds fsProbe function
- lxd/storage/drivers/driver/lvm/volumes: Adds vol.mountFilesystemProbe support to MountVolume
- lxd/storage/drivers/driver/ceph/volumes: Adds vol.mountFilesystemProbe support to MountVolume
- lxd/instance/drivers/driver/lxc: Adds volumeConfig arg to lxcCreate
- lxd/instance/drivers/driver/qemu: Adds volumeConfig arg to qemuCreate
- lxd/instance/instance/utils: Updates Create signature for new create function
- lxd/instance/drivers/load: Adds volumeConfig arg to create
- lxd/instance/instance/utils: Adds volumeConfig arg to CreateInternal
- lxd: instance.CreateInternal usage
- lxd: instance.CreateInternal usage in tests
- shared/api: Support for Requestor field in lifecycle event log
- lxd/instance/drivers: Check instance is stopped, and not in an error state when stopping
- shared/idmap: Use O_CLOEXEC
- lxd/storage: Use O_CLOEXEC
- client/connection: Log simplestreams URL in ConnectSimpleStreams
- client/connection: Error quoting in ConnectSimpleStreams
- lxc/config/config: Use DefaultConfig when defaults==true in NewConfig
- lxc/config/file: Set DefaultRemote in LoadConfig if not specified by config file
- lxc/config/file: Reference DefaultConfig.DefaultRemote in SaveConfig
- lxc/monitor: Add --all-projects
- lxc/monitor: Add --format
- i18n: Update translation templates
- test/godeps: Updates with github.com/lxc/lxd/shared/log15
- i18n: Update translations from weblate
- lxd/instance/drivers/driver/qemu: Update start time volatile keys before backup file is written
- lxd/instance: Pass instanceType to ValidConfig
- lxd/instance: Pass instanceType to validConfigKey
- shared/instance: Split the config keys in container/VM/Any
- doc/instances: Mark security.devlxd as available for VMs
- shared/instance: Re-format
- shared/instance: Switch to the new maps
- shared/instance: Pass instanceType to ConfigKeyChecker
- lxc/list_test: Fix comments
- lxc/list: Update for ConfigKeyChecker change
- lxd/instance: Update for ConfigKeyChecker change
- lxd/storage/drivers/driver/lvm/utils: Typo in comment on lvmBlockVolSuffix
- lxd/storage/drivers/driver/zfs/utils: Adds zfsBlockVolSuffix const and uses it in dataset function
- lxd/storage/drivers/driver/zfs/patches: Uses zfsBlockVolSuffix in patchStorageZFSMount function
- lxd/storage/drivers/driver/ceph/utils: Add cephBlockVolSuffix constant
- lxd/storage/drivers/driver/ceph/utils: Moves volume type to rbd volume prefix conversion out of getRBDVolumeName and into cephVolTypePrefixes
- lxd/storage/drivers/driver/lvm/utils: Simplify lvmFullVolumeName
- shared/api: Fix crash on missing event requestor
- shared/cmd/ask: Add error handling to CLI question askers to avoid infinite loops with EOF
- lxd/main/init/interactive: Update usage of CLI asker functions to handle errors
- lxc/remote: Update usage of CLI askers to handle errors
- lxc: Hide built-in completion command
- shared/api: Add support for USB GPU
- lxd/resources: Add support for USB GPU
- api: resources_gpu_usb
- lxd/resources: Reword errors
- shared/validate: Change IsOneOf to return validator
- lxd: Switch to new IsOneOf
- shared: Switch to new IsOneOf
- doc/cloud-init: Update for current images
- lxd/db/storage/pools: CreateStoragePool comment improvement
- lxd/storage/drivers/utils: Consistent error quoting and messaging in wipeDirectory
- lxd/storage/drivers/driver/btrfs: Consistent error quoting and messaging in Delete
- lxd/storage/drivers/driver/zfs: Add validation to Mount
- lxd/storage/backend/lxd: Expand comment in EnsureImage about partial image volume handling
- lxd/storage/backend/lxd: Don't try to load root disk config in MountInstance/UnmountInstance if instance not in DB
- lxd/storage/backend/lxd: Remove support for lxd import from CheckInstanceBackupFileSnapshots
- lxd/storage/backend/lxd: Clarify comment in CheckInstanceBackupFileSnapshots
- lxd/storage/utils: Adds VolumeTypeToAPIInstanceType function
- lxd/storage/load: Adds NewTemporary function
- lxd/storage/drivers/interface: Adds ListVolumes definition
- lxd/storage/drivers/generic/vfs: Adds genericVFSListVolumes function
- lxd/storage/drivers/generic/vfs: Adds and uses constant genericVolumeBlockExtension
- lxd/storage/drivers/driver/mock/volumes: Adds ListVolumes function
- lxd/storage/drivers/driver/btrfs/volumes: Adds ListVolumes function
- lxd/storage/drivers/driver/dir/volumes: Adds ListVolumes function
- lxd/storage/drivers/driver/lvm/volumes: Adds ListVolumes function
- lxd/storage/drivers/driver/zfs/volumes: Adds ListVolumes function
- lxd/storage/drivers/driver/ceph/volumes: Adds ListVolumes function
- lxd/storage/drivers/driver/cephfs/volumes: ListVolumes function
- lxd/storage/pool/interface: Add ListUnknownVolumes definition
- lxd/storage/pool/interface: Adds ImportInstance definition
- lxd/storage/backend/mock: ListUnknownVolumes function placeholder
- lxd/storage/backend/mock: Adds ImportInstance placeholder function
- lxd/storage/backend/lxd: Adds ListUnknownVolumes function
- lxd/storage/backend/lxd: Adds ImportInstance implementation function
- lxd/storage/backend/lxd: Delete any left over image volumes in Delete
- lxd/storage/drivers/volume: EnsurePath to create parent snapshot volume directory if needed
- lxd/storage/drivers/utils: Consistent quoting of errors in createParentSnapshotDirIfMissing
- lxd/db/profiles: Adds GetProjectProfileNames function
- lxd/api/internal: Adds internalRecoverValidateCmd and internalRecoverImportCmd endpoint
- lxd/main: Adds recover CLI command
- test: Adds container recover tests
- doc/backup: Newline tweaks for clarity
- doc/backup: Updates disaster recover documentation describing the use of the lxd recover command
- lxd/api/internal: Remove lxd import endpoint and internalImportFromRecovery function
- lxd/api/internal: Remove recovery mode from internalImport
- lxd/instances/post: internalImport usage in createFromBackup
- lxd/instance/drivers/driver/lxc: Remove usage of storagePools.InstanceImportingFilePath
- lxd/api/internal: Update internalImport to use instance name consistency and dont mangle the parsed backup yaml snapshot names
- lxd/main/import: Modify lxd import to error with instructions to use lxd recover command
- test: Remove lxd import tests
- lxd/storage/storage: Delete GetContainerMountPoint as doesn't support VMs
- lxd/patches/utils: Adds containerMountPoint as deprecated legacy function
- lxd/patches: Switches to containerMountPoint
- lxd/instance/post: Switch to storagePools.LoadByInstance() in instancePostClusteringMigrateWithCeph
- lxd/instance/post: Renames internalClusterContainerMovedPost to internalClusterInstanceMovedPost
- lxd/instance/post: Error consistency in instancePostClusteringMigrateWithCeph
- lxd/instance/post: Renames instancePostCreateContainerMountPoint to instancePostCreateInstanceMountPoint
- lxd/instance/post: Switch to instancePostCreateInstanceMountPoint
- lxd/profiles/utils: Don't expose node concept in end user errors in doProfileUpdate and doProfileUpdateCluster
- lxd/api/internal: Rename internalImport to internalImportFromBackup
- lxd/instances/post: internalImportFromBackup usage in createFromBackup
- lxd: Renames /internal/cluster/container-moved to /internal/cluster/instance-moved
- i18n: Update translation template
- lxd/db/generate/db/mapping: check Filter field in FilterFieldByName
- lxd/db/generate/db/parse: fill Filter field for Mapping
- lxd/db/generate/db/parse/test: use empty Filter for tests
- lxd/db/projects: move api.Project to db.Project
- lxd/api: use db.Project instead of api.Project
- lxd/db: use db.Project instead of api.Project
- lxd/device: use db.Project instead of api.Project
- lxd/images: use db.Project instead of api.Project
- lxd/device: use db.Project instead of api.Project
- lxd/patches: use db.Project instead of api.Project
- lxd/project: use db.Project instead of api.Project
- lxd/storage: use db.Project instead of api.Project
- lxd/db/certificates: add CertificateType for type of certificate
- lxd/certificates: use CertificateType instead of int
- lxd/cluster: use CertificateType instead of int
- lxd/daemon: use CertificateType instead of int
- lxd/db/migration/test: use CertificateType instead of int
- lxd/db/generate/db/mapping: support CertificateType
- lxd/db/generate/db/method: add generator comment to generated methods
- lxd/db/mapper: generated code
- i18n: Update translations from weblate
- Added console and rename to lxd names auto complete
- lxd/instance/drivers: Add ErrInstanceIsStopped
- lxd/util/kernel: Renames HasFilesystem to SupportsFilesystem
- lxd/daemon: util.SupportsFilesystem usage
- lxd/storage/filesystem: Adds filesystem package and moves FilesystemDetect to it as just Detect
- lxd/storage/drivers/utils: Removes hasFilesystem
- lxd/storage/drivers/driver/btrfs: Replace hasFilesystem usage with filesystem.Detect
- lxd/device: filesystem.Detect usage
- lxd/instance/drivers: filesystem.Detect usage
- lxd: filesystem.Detect usage
- lxd/sys: filesystem.Detect usage
- shared: Removes IsMountPoint and parseMountinfo
- lxd/storage/filesystem/fs: Adds parseMountinfo and IsMountPoint
- lxd/daemon: filesystem.IsMountPoint usage
- lxd/device: filesystem.IsMountPoint usage
- lxd/patches: filesystem.IsMountPoint usage
- lxd/storage: filesystem.IsMountPoint usage
- lxd/storage/filesystem: Adds StatVFS function
- shared/util/linux: Removes Statvfs
- lxd/storage/drivers/generic/vfs: filesystem.StatVFS usage
- lxd/storage/filesystem/fs: Switch Detect to use StatVFS
- lxd/storage/drivers: Error quoting
- lxc: Provide more information on instance device actions
- lxc: Update error message on non-existent device
- po: Update translations
- lxd/backup: Only write snapshot only name to backup index in volumeBackupWriteIndex
- lxd/storage/backend/lxd: Handle both old (incorrect)
/ and only names in index file in CreateCustomVolumeFromBackup - lxd/storage/drivers: Initialise an empty volume config in the volumes returned from ListVolumes
- lxd/storage/pool/interface: Adds ImportCustomVolume definition
- lxd/storage/backend/mock: Adds ImportCustomVolume placeholder
- lxd/storage/backend/lxd: Adds ImportCustomVolume implementation
- lxd/storage/backend/lxd: Add custom volume support to ListUnknownVolumes
- lxd/api/internal/recover: Add custom volume support to recover feature
- lxd/api/internal/recover: Improve instance recover error messages
- lxd/instance/drivers/driver/qemu: Remove isImport TODO consideration as lxd import doesn't exist anymore
- lxd/storage/drivers/driver/zfs/volumes: Fix ListVolumes to detect custom block volumes
- lxd/storage/backend/lxd: Improve error and logging of removal of left over image volumes in Delete
- lxd/storage/drivers: Update ListVolumes of block backed drivers to detect duplicate image volumes and only return the block type
- lxd/storage/backend/lxd: Fix type in comment in CreateCustomVolumeFromBackup
- lxd/db: Add ClusterMemberStateEvacuated
- lxd/db: Add function to change node status
- lxd/db: Ignore evacuated cluster members in GetNodeWithLeastInstances
- lxd/db: Include evacuated nodes and mark them accordingly
- lxd/db: Add OperationClusterMemberEvacuate and OperationClusterMemberRestore
- lxd/db: Add LocalNodeIsEvacuated
- shared/instance: Add evacuation options
- shared/api/cluster: Add ClusterMemberStatePost
- lxd/instance/drivers: Add IsMigratable
- lxd: Add forwardedResponseToNode
- lxd: Add migrateInstance function
- lxd: Add /1.0/cluster/member/{name}/state
- lxd: Restrict operations on evacuated nodes
- api: Add clustering_evacuation
- client: Add UpdateClusterMemberState
- lxc: Add cluster {evacuate,restore}
- doc/rest-api: Refresh swagger YAML
- doc: Mention new evacuation settings
- test/suites: Add evacuation tests
- test/suites: Clean up clustering_image_refresh
- po: Update translations
- lxd/db/generate/db: mention interface signatures in cli help
- lxd/db/generate/file/snippet: add GenerateSignature
- lxd/cgroup: Fix handling of non-systemd cgroup2
- lxd/db/generate/db/stmt: implement empty GenerateSignature
- lxd/db/generate/db/method: implement GenerateSignature and signature
- lxd/db/generate/db/method: add isInterface argument to begin
- lxd/db/generate/db/method: use signature instead of begin
- lxd/db/generate/file/write: add resetInterface and appendInterface
- lxd/db/interface/mapper: add generated interface files
- lxd/db/generate/db/method: use GetOne/GetMany instead of Get/List
- lxd/db: use GetOne/GetMany for generator comments
- lxd/db/mapper: new generated code
- doc/clustering: Mention evacuate/restore
- lxd/db/generate/db/lex: add -by- field parsing helpers
- lxd/db/generate/db/mapping: add ActiveFilters
- lxd/db/generate/db/mapping: make FieldArgs and FieldParams methods on Mapping
- lxd/db/generate/db/method: use operations to parse method kind
- lxd/db/generate/db/method: use new Field argument parsing
- lxd/db/generate/db/method: implement parameter-based delete methods
- lxd/db: use -by- fields for delete generation comments
- lxd/db/mapper: update generated code
- lxd/db: use explicit arguments for delete
- lxd/api/project: use explicit arguments for delete
- lxd/cluster/membership: use explicit arguments for delete
- lxd/instance/test: use explicit arguments for delete
- lxd/operations/linux: use explicit arguments for delete
- lxd/patches: use explicit arguments for delete
- lxd/profiles: use explicit arguments for delete
- lxd/db/generate/lex/case: lowercase ID and UUID
- lxd/db/operations/mapper: update generated code
- lxd/api/internal/recover: Search unknown volumes list for any instance volume and use that for pool DB recovery
- lxd/main/recover: Add some output when starting potentially log processes
- test: Ensure custom user config is restored during pool recovery from instance config
- lxd/db/generate/db/parse: rename (Ref)Filters to (Ref)FiltersFromStmt
- lxd/db/generate/db/method: use FiltersFromStmt
- lxd/db/generate/db/method: add if block for empty filters
- lxd/db/certificates: remove comparison flag from Fingerprint
- doc: Add events doc to navigation
- test: Switch recover tests to use a non-default project
- lxd/api/internal/recover: Recover custom volumes before instance volumes
- test: Add recover custom volume tests
- lxd/storage/drivers/driver/cephfs/volumes: Implements ListVolumes function
- lxd/api/internal/recover: Removes check for skipping unsupported storage pools in internalRecoverScan
- lxd/api/internal/recover: Don't allow storage pool record recovery if clustered
- lxd/main/recover: Don't offer the option to enter additional storage pools when clustered
- lxd/storage/drivers: Prevent custom block volume export
- lxd/device/disk: Update comment regading custom block volumes
- lxd/device/disk: Check path property for filesystem volumes
- lxc/storage: Allow attaching custom block volumes to VMs
- po: Update translations
- lxc/init: When using network flag support managed networks
- lxd/init: Create NIC called eth0 with interface name eth0 when using --network flag
- lxc/init: Improve errors so that it is clear what resource type isn't found
- lxd/instance/drivers: Make volatile.uuid population code same for both drivers
- lxd/instance/instance/utils: Populate volatile.uuid in CreateInternal if needed
- lxd/instance/instance/utils: Adds MoveTemporaryName and IsSameLocgicalInstance functions
- lxd/instance/post: instance.MoveTemporaryName usage
- lxd/device/nic/bridged: Update duplicate validation to use instance.IsSameLocgicalInstance
- test: Update container local cross pool handling to test for duplicate NIC check handling
- test: Fix tests to use eth0 rather than attached network name
- lxd: Hide built-in completion command
- lxd/instance/instance/utils: Updates CreateInternal to create an operationlock as soon as its instance ID exists
- lxd/api/internal: CreateInternal operationlock usage
- lxd/instance: CreateInternal operationlock usage
- lxd/instance/drivers/driver/common: CreateInternal operationlock usage
- lxd/instances/post: CreateInternal operationlock usage
- lxd/migrate/instance: CreateInternal operationlock usage
- lxd: Update tests for CreateInternal usage
- syscall_wrappers: don't conflict with glibc provided close_range()
- lxd/db/certificates: add manual query for fingerprint with wildcard
- lxd/db/certificates/test: remove wildcard from test
- lxd/db/images: remove comparison flag from Fingerprint
- lxd/db/images: add getImagesByFingerprintPrefix for wildcard querying
- lxd/db/transaction: add prepare
- Makefile: add goimports to update-schema
- lxd/db/mapper: update generated code
- lxd/db/generate/db/stmt: remove comparison tag handling
- lxd/db/images/test: add TestGetImage
- lxd/db/images: fingerprint to fingerprintPrefix and public to publicOnly
- lxd/apparmor: Allow remount using strictatime
- lxc/info: Improve output
- lxc/info: Rework network information
- lxc/info: Move to IEC units
- i18n: Update translation template
- tests: Update for lxc info changes
- i18n: Update translations from weblate
- lxd/db: use pointers for filter fields
- lxd/db/generate/db/method: remove Criteria and check filter fields directly
- lxd/db/generate/db/lex: check filter for nil fields instead of criteria
- lxd/db/generate/db/mapping: remove unused functions
- lxd/db/generate/db/parse: remove unused functions
- lxd/db/generate/db/parse: return active and ignored filters from (Ref)FiltersFromStmt
- lxd/db/generate/db/lex: check ignored fields are nil in activeFilters
- lxd/db/generate/db/method: check ignored filters and error out if invalid
- lxd/firewall: Rename DHCPDNS to ICMPDHCPDNS
- lxd/firewall/nftables: Clarify comment
- lxd/firewall/nftables: Allow ICMP
- lxd/firewall/xtables: Allow ICMP
- lxd/db/instances: omit InstanceType from -Ref methods
- lxd/db/mapper: update generated code
- images: use pointers for ImageFilter
- operations: use pointers for OperationFilter
- profiles: use pointers for ProfileFilter
- snapshots: use pointers for InstanceSnapshotFilter
- instances: use pointers for InstanceFilter
- lxd/db/instances: remove InstanceFilterAllInstances
- lxd/db/instances: add InstanceTypeFilter
- lxd/db/instances: use InstanceFilter instead of optional args
- lxd/use InstanceTypeFilter instead of optional args
- lxd/db/instances: add empty string check for GetLocalNodeName
- lxd/db/images: use ImageFilter for optional args
- lxd/storage/pools: use ImageFilter for GetImages args
- lxd/util: Add ceph config parser
- lxd/storage/cephfs: Use new ceph parsing functions
- lxd/device/disk: Use new ceph parsing functions
- lxd/util: Make ceph.conf parser more tolerant
### 試用環境
この新しい LXD リリースは私たちの デモサービス で利用できます。
ダウンロード ¶
このリリースの tarball は ダウンロードページ から取得できます。
ビルド済みバイナリーは次のように使えます:
- Linux: snap install lxd
- MacOS: brew install lxc
- Windows: choco install lxc
LXD 4.0.7 リリースのお知らせ¶
17th of July 2021
はじめに ¶
LXD チームが LXD 4.0.7 のリリースをお知らせします!
このリリースは、2025 年 6 月までサポートされる LXD 4.0 に対する 7 つめのバグフィックスリリースです。
バグ修正と改良 ¶
このリリースには、開発ブランチからの数カ月分のバグフィックスと細かな改善が含まれています。
主な変更点は次の通りです:
- トークンベースのクラスター加入 (
lxc cluster add) - クラスターメンバーの説明(description)フィールド
- シャットダウンタイムアウトの設定が可能に (
core.shutdown_timeout) - 信頼できる内向き(inbound)プロキシーのリクエスト元情報 (
core.https_trusted_proxy) - クラスター証明書の更新 (
lxc cluster update-certificate) - プロジェクト間のカスタムストレージボリュームのコピー・移動
- サポートするストレージドライバーの詳細情報 (
lxc info) - ライフサイクルイベント中にリクエスト元アドレス
- ライフサイクルイベントの追加(全てカバー)
これらはすべてデータベースの変更や API の動作の変更が不要な、LTS リリースにバックポートするのに十分使い勝手が改善されると判断した、LXD のフィーチャーリリースからバックポートした小さな改良です。
コミットの全リストは次の通りです(翻訳なし):
- lxd/networks/utils: Log forkdns refresh task starting in networkUpdateForkdnsServersTask
- lxd/db/node: Adds certificates table to local database
- lxd/db/certificates: Adds GetCertificates function
- lxd/db/certificates: Adds DeleteCertificateByNameAndType function
- lxd/certificates: Fix import ordering
- lxd/certificates: Updates updateCertificateCache to handle per-certificate upgrade
- lxd/db/certificates: Adds ReplaceCertificates function
- lxd/certificates: Updates updateCertificateCache to handle per-certificate upgrade
- lxd/certificates: Adds updateCertificateCacheFromLocal function
- lxd/certificates: Notify other cluster members of certificate update in doCertificateUpdate
- lxd/certificates: Notify other cluster members of certificate deletion in certificateDelete
- lxd/certificates: Allow certificate type change in doCertificateUpdate
- lxd/certificates: cluster.ErrCertificateExists and serverCert usage in certificatesPost
- lxd/daemon: Adds serverCert and serverCertInt vars
- lxd/daemon: Updates State to populate serverCert
- lxd/daemon: Load trusted server certs from local DB on startup using updateCertificateCacheFromLocal
- lxd/daemon: Refresh cached trusted certificates when heartbeat node count changes in NodeRefreshTask
- lxd/daemon: Pass d.serverCert and networkCert to startClusterTasks Add
- lxd/daemon: Updates Authenticate to check trusted server certs
- lxd/state: Updates NewState to have a serverCert and updateCertificateCache arg
- lxd/state: Update tests with NewState usage
- lxd/util/http: Updates CheckTrustState to use networkCert argument
- lxd/cluster/notify: Update NewNotifier to accept networkCert and serverCert args
- lxd/cluster/tls: Update tlsClientConfig to accept networkCert and serverCert
- lxd/cluster/tls: Updates tlsCheckCert to accept networkCert and serverCert
- lxd/cluster/connect: Adds ErrCertificateExists var
- lxd/cluster/connect: Updates Connect to accept networkCert and serverCert args
- lxd/cluster/connect: Updates SetupTrust to accept serverName arg
- lxd/cluster/connect: Adds UpdateTrust function
- lxd/cluster/connect: Updates HasConnectivity to accept networkCert and serverCert
- lxd/cluster/events: Updates events functions to accept networkCert and serverCert
- lxd/cluster/gateway: Store networkCert and serverCert in Gateway and update NewGateway
- lxd/cluster/gateway: Updates HandlerFuncs to accept trustedCerts function
- lxd/cluster/gateway: HasConnectivity usage
- lxd/cluster/gateway: Update Reset to handle networkCert
- lxd/cluster/gateway: tlsClientConfig usage
- lxd/cluster/gateway: loadInfo usage
- lxd/cluster/heartbeat: tlsClientConfig in Send and Heartbeat
- lxd/cluster/upgrade: Updates NotifyUpgradeCompleted with networkCert and serverCert args
- lxd/cluster/membership: Adds EnsureServerCertificateTrusted function
- lxd/cluster/membership: Updates Bootstrap to store serverCert in trusted certificates table
- lxd/cluster/membership: Update Join to handle per-server certificates
- lxd/cluster/membership: Updates notifyNodesUpdate to handle serverCert
- lxd/cluster/membership: HasConnectivity usage
- lxd/cluster/membership: Update Purge to remove trusted server certificate
- lxd/cluster: Update tests to work with changes
- lxd/api: d.gateway.HandlerFuncs usage
- lxd/api/cluster: Updates clusterPutJoin to handle per server certificates
- lxd/api/cluster: d.gateway.Reset usage
- lxd/api/cluster: Call updateCertificateCache in clusterNodeDelete after certificate removed
- lxd/api/cluster/test: server name as cert name
- lxd/main/init: state.NewState usage
- lxd/main/init/interactive: cluster.SetupTrust usage and serverCert naming for consistency
- lxd: cluster.NewNotifier usage
- lxd: cluster.Connect and related function usage
- lxd/patches: Adds patchClusteringServerCertTrust
- lxd/certificates: NewNotifier usage
- doc/clustering: Update guide to show that cluster.crt on bootstrap member should be used
- test: Add check for trusted server certificate removal on cluster member removal
- test: Update table count check to account for local certificates table
- lxd/images: Specify image type during distribution
- client/connection: Correct HTTPs to HTTPS in ConnectPublicLXD
- lxd/operations: Clarify return values in comment on Render
- lxd/db/operations: Adds GetOnlineNodesWithRunningOperationsOfType function
- lxd/operations: Adds operationCancel function
- lxd/operations: Adds operationsGetByType function
- lxd/images: Updates imageValidSecret to accept projectName and opType arguments
- lxd/images: projectName argument in createTokenResponse
- lxd/images: imageValidSecret usage
- lxd/operations: Updates operationsGet to use projectName when retrieving remote operations
- lxd/operations: Updates operationsGetByType to use projectName when retrieving remote operations
- lxd/instances: Swagger for logs
- lxd/instances: Update error message
- lxd/instances: Swagger for files
- doc/rest-api: Refresh swagger YAML
- shared/api: Add swagger metadata for instance exec
- lxd/instances: Swagger for exec
- lxd/swagger: Fix json name of metadata
- shared/api: Add swagger metadata for instance state
- lxd/instances: Swagger for state
- shared/api: Add swagger metadata for instance console
- lxd/instances: Swagger for console
- shared/api: Add swagger metadata for instances
- lxd/instances: Swagger for instance
- doc/rest-api: Refresh swagger YAML
- lxd/instance/qmp: Switch to query-cpus-fast
- lxd/apparmor: Respect LXD_OVMF_PATH
- lxd/daemon: Improved logging in NodeRefreshTask
- lxd/db/operations: Import ordering
- lxd/db/operations/types: Adds OperationClusterJoinToken type
- lxd/db/operations: Replace GetOnlineNodesWithRunningOperationsOfType with GetOperationsOfType
- lxd/operations: Updates operationCancel with correct remote address
- lxd/operations: Fixes operationsGetByType to filter operations by type correctly
- lxd/node/raft/test: Corrects typo
- api: Adds clustering_join_token extension
- shared/api/cluster: Adds ClusterMembersPost type
- shared/api/cluster: Adds ClusterMemberJoinToken type
- lxd/api/cluster: Adds clusterNodesPost handler
- client/interfaces: Adds CreateClusterMember function to interface
- client/lxd/cluster: Adds CreateClusterMember function
- lxc/cluster: Add lxc cluster add command
- lxd/certificates: Adds clusterMemberJoinTokenValid and clusterMemberJoinTokenDecode functions
- lxd/certificates: Updates certificatesPost to check supplied password against active cluster join token operations
- lxd/main/init/interactive: Adds join token support to askClustering
- lxc/cluster: Adds cluster list-tokens command
- lxc/cluster: Adds clusterJoinTokenOperationToAPI function
- lxd/operations: Updates OperationClass.String() to use constants from shared/api
- shared/api/operations: Adds operation class name constants
- doc/clustering: Adds details on using the join token during adding cluster members
- test: Adds overridable join secret to spawn_lxd_and_join_cluster
- test: Adds join token tests to clustering_membership
- test: Increase the offline thresholds to above 12 as heartbeat interval is hardcoded to 10
- doc/rest-api: Refresh swagger YAML
- Makefile: Set GO111MODULE=on for update-api swagger build
- shared/api: Fix snapshot structs
- lxc/config: Update following InstanceSnapshotPut fix
- shared/api: Add swagger metadata for instance snapshots
- lxd/instances: Swagger for snapshots
- doc/rest-api: Refresh swagger YAML
- shared/units: Add GetByteSizeStringIEC
- api: clustering_description
- shared/api: Add cluster member description
- lxd: Expose cluster member description
- Revert "test: Increase the offline thresholds to above 12 as heartbeat interval is hardcoded to 10"
- api: Adds description back for clustering_join_token extension
- lxd/images: Dont log error in autoSyncImagesTask when not clustered
- lxd/images: Make logging consistent in autoSyncImagesTask
- lxd/db/node: Display last heartbeat time in ToAPI
- lxc: Add -f as shorthand for --format
- lxd/devices: Allow user.XYZ
- lxd/db/node: Updates SetNodeHeartbeat to return ErrNoSuchObject if row doesn't exist to be updated
- lxd/db/query/retry: Use errors.Cause in Retry
- lxd/cluster/heartbeat: Single call to time.Now() in heartbeat
- lxd/cluster/heartbeat: Fixes bug in heartbeat that causes heartbeat round to be discarded if member removed during round
- lxd/cluster/heartbeat: Keep error handling from g.currentRaftNodes together
- lxd/cluster/heartbeat: Error logging consistency
- lxd/cluster/heartbeat: Use contextual logging
- lxd/cluster/events: Improve logging consistency in eventsUpdateListeners
- lxd/task/group: Adds context arg to Start
- lxd/task/start: Add context arg to Start
- lxd/task: Start context usage
- lxd/daemon: Updates Start functions usage by passing daemon context
- lxd/images: Improve logging in imageSyncBetweenNodes
- test: Add lxc cluster list before comparison in test_clustering_handover for visibility into cluster state
- test: Separate stop and publish commands in test_clustering_image_replication
- lxd/main/init/interactive: Clear config.Cluster.ClusterPassword after setting up trust
- lxd/images: Improve logging
- lxd/api/1/0: Whitespace
- lxd/api/1/0: Update d.gateway.HeartbeatOfflineThreshold when cluster.offline_threshold is changed
- lxd/cluster/config: Add minThreshold to offlineThresholdValidator
- lxd/cluster/gateway: Add HeartbeatOfflineThreshold var
- lxd/cluster/heartbeat: Improve logging and errors in HeartbeatNode
- lxd/cluster/heartbeat: Actually use taskCtx in HeartbeatNode for HTTP request base
- lxd/cluster/heartbeat: Don't re-run Update as this throws away discovered node liveness times
- lxd/cluster/heartbeat: tx.SetNodeHeartbeat to actual last heartbeat time
- lxd/cluster/heartbeat: Update Send to support dynamic spread duration
- lxd/cluster/heartbeat: Adds heartbeatInterval function
- lxd/cluster/heartbeat: Updates HeartbeatTask to use gateway.heartbeatInterval
- lxd/cluster/heartbeat: Removes heartbeatInterval constant
- lxd/cluster/heartbeat: Updates heartbeat to use interval derived from offline threshold
- lxd/daemon: Populate d.gateway.HeartbeatOfflineThreshold on init
- lxd/daemon: Adds taskClusterHeartbeat var and populates it
- lxd/cluster/heartbeat: Logging improvements
- lxc: Update interactive editor fail message to indicate ctrl+c can be used to abort change
- shared/api: Add swagger metadata for instance backups
- lxd/instances: Swagger for backups
- lxd: Support for reading cluster certificate from file
- doc: cluster_certificate_path documentation
- shared/api: Add swagger metadata for image metadata
- lxd/instances: Swagger for instance metadata
- doc/rest-api: Refresh swagger YAML
- lxd/images: Fix typo in swagger
- lxd/network/driver/bridge: Reuse consistent bridgeLink var rather than keep creating new vars
- lxd/network/driver/bridge: Bring up vxlan tunnel link
- lxd/network/driver/bridge: Use clearer naming for different link types
- lxd/network/driver/bridge: Don't use Link suffix for var names that don't represent links
- lxd/instances: Unmount shiftfs on startup failures
- lxd/cluster: Add core.shutdown_timeout
- lxd/api/cluster: Check if LXD closing down in rebalanceMemberRoles
- lxd/api/cluster: Call rebalanceMemberRoles from internalClusterRaftNodeDelete
- lxd/cluster/gateway: Logging improvements
- lxd/daemon: Logging improvements
- lxd/images: Logging improvements
- shared/api: Add swagger metadata for instances
- lxd/instances: Swagger for instances
- doc/rest-api: Refresh swagger YAML
- lxd/cluster/gateway: Add heartbeatCancelLock and heartbeatCancel vars
- lxd/cluster/heartbeat: Introduces heartbeatMode type and constants for heartbeat modes
- lxd/cluster/heartbeat: Updates heartbeat to accept mode argument
- lxd/cluster/heartbeat: Make end of heartbeat log message include local address for clarity
- lxd/cluster/heartbeat: Adds heartbeatRestart function
- lxd/cluster: g.heartbeat() usage
- lxd/cluster/gateway: Call g.heartbeatRestart from HandlerFuncs when handling a heartbeat
- lxd/cluster/heartbeat/test: Fixes TestHeartbeat so that it waits for join notification heartbeats to occur
- lxd/daemon/images: imageDownloadLock typo
- lxd: Support for core.shotdown_timeout
- doc: Add core.shutdown_timeout
- lxd/storage/ceph: Always return VolumeUsage
- doc/production-setup: Cover name leakage
- lxd/apparmor/instance: Deref OVMF path
- lxd/instance/drivers/driver/qemu: Adds one missing op.Done call and removes 2 unnecessary ones
- lxd/instance/drivers/driver/qemu/templates: Correct comment on qemuPCIPhysical
- lxd/instance/drivers/driver/qemu: Remove old pid file on start if exists
- lxd/cluster/heartbeat: Fix heartbeatInterval()
- lxd/instance/qemu: Support for security.devlxd default (true) value
- doc/environment: Documents LXD_CONF and LXD_GLOBAL_CONF env vars
- lxd/ip/link: MTU is an acronym and so should be uppercased in SetMtu function name
- lxd/ip/link: Renames Mtu field to MTU as it is an acronym
- lxd/device/device/utils/network: SetMTU usage
- lxd/network/network/utils: Removes InterfaceSetMTU
- lxd/network/network/utils: Adds InterfaceStatus function
- lxd/device/infiniband/physical: SetMTU usage
- lxd/device/infiniband/sriov: SetMTU usage
- lxd/device/nic/macvlan: SetMTU usage
- lxd/device/nic/physical: SetMTU usage
- lxd/device/nic/sriov: SetMTU usage
- lxd/network/driver/bridge: SetMTU usage
- lxd/network/network/utils/sriov: Updates sriovGetFreeVFInterface to use InterfaceStatus
- lxd/instances/get: Renames doContainersGet to doInstancesGet
- lxd/instances/get: Remove some of the container specific terminology in doInstancesGet
- lxd/instances/get: Remove potential source of nil pointer dereference panic in doInstancesGet
- lxd/instance: Don't use RawOperation
- lxc/storage: Fix bad merge
- lxd/images: Remove unused function
- i18n: Update translation templates
- lxd/device/pci: Adds DeviceIOMMUGroup function
- lxd/device/nic/physical: Pass pciIOMMUGroup number to VM driver
- lxd/device/nic/sriov: Pass pciIOMMUGroup number to VM driver
- lxd/instance/drivers/qmp/commands: Adds AddNIC function
- lxd/instance/drivers/driver/qemu/templates: Remove NIC specific templates
- lxd/instance/drivers/driver/qemu: Remove -chroot flag usage
- lxd/instance/drivers/driver/qemu: Converts NICs to be added via QMP rather than static config
- lxd/instance/qemu: queues is uint64
- lxd/instance/drivers/driver/qemu: Don't set multifunction=off as this upsets ccw driver
- lxd/operations: Remove code duplication
- lxd/operations: Close forwarded websocket
- shared/network: Fix channel handling in WebsocketProxy
- client: Update for WebsocketProxy change
- lxd/instance/drivers/qmp/commands: Adds Reset function
- lxd/instance/drivers/driver/qemu: Updates getMonitorEventHandler to handle guest RESET events
- lxd/instance/drivers/driver/qemu: Workaround QEMU bug that prevents QMP added devices from using their bootindex setting
- lxc: Use consistent messaging when offering to respawn interactive editor
- lxd/operations: Spacing
- lxd/operations: Fix bug in operationsGet and operationsGetByType that was overwriting list entries with loop iterator pointer
- lxc/cluster: Always use default project in list-tokens command
- lxd/db: Expose database stand-by role on cluster members
- lxd/main/init/interactive: Don't attempt to connect to all join token candidates
- lxd/operations/operations: Use structured logging in Cancel
- lxd/images: Include operation ID in error in imageValidSecret
- lxd/certificates: Include operation ID in error in clusterMemberJoinTokenValid
- lxd/api/cluster: Delete any existing join token operation for potential member in clusterNodesPost
- shared/subprocess/proc: Add exit code to error message
- lxd/images: Maintain image public indicator when copying to member in imageSyncBetweenNodes
- lxd/images: Improve logging in imageSyncBetweenNodes
- lxd/images: Improve error message in imageSyncBetweenNodes
- lxd/daemon/images: Adds ImageDownloadArgs type
- lxd/daemon/images: Updates ImageDownload to accept ImageDownloadArgs argument
- lxd/images: Updates imgPostRemoteInfo to use d.ImageDownload
- lxd/images: Updates imgPostURLInfo to use d.ImageDownload
- lxd/images: Improves error message in imagesPost
- lxd/images: Updates autoUpdateImage to use d.ImageDownload
- lxd/instances/post: Updates createFromImage to use ImageDownload
- lxd/images: Don't generate args for every member in imageSyncBetweenNodes
- shared/subprocess/proc: Adds context support to Wait
- lxd/instance/drivers/qemu: p.Wait() usage
- lxd/network/driver/bridge: Check dnsmasq process remains running after being started
- shared/subprocess: Fix tests to use p.Wait() with context
- tests: Support for database stand-by role on cluster members
- lxd/instance/drivers/qmp/commands: Improve comment on SendFile to aid searchability
- lxd/instance/drivers/driver/qemu: Only add bootindex if bootIndexes is non-empty
- lxd/instance/drivers/driver/qemu: bus name is populated later so these lines do nothing
- lxd/instance/drivers/driver/qemu: Switch to using monitor.SendFile to pass macvlan file descriptor to QEMU
- lxd/instance/drivers/driver/qemu: Updates addNetDevConfig to remove unused args and allow preconfiguring of port to be used
- README: Update IRC
- lxd-agent/main/agent: Log when rebooting
- lxd-agent/main/agent: Mount shares after vsock listener
- lxd/device/disk: VM directory share improvements
- lxd/instance/drivers/driver/qemu/templates: Always use virtfs-proxy-helper for 9p disk directory shares
- lxd/instance/drivers/driver/qemu: Return consistent error in setupNvram for missing EFI firmware file
- lxd/instance/drivers/driver/qemu: Log where lxd-agent is being installed from in generateConfigShare
- lxd/instance/drivers/driver/qemy: Always use virtfs-proxy-helper for 9p directory shares
- lxd/device/disk: Populate readonly mount option even for block device type disks
- lxd/instance/drivers/driver/qemu: Convert readonly mount option to readonly template boolean in addDriveConfig
- lxd/instance/drivers/driver/qemu/templates: Add support for readonly block device disks
- lxd/instance/drivers/driver/lxc: Add revert to deviceStart
- lxd/instance/drivers/driver/lxc: Add revert to updateDevices
- lxd/instance/drivers/driver/qemu: Add revert to updateDevices
- lxd/instance/drivers/qmp/commands: Adds revert to AddNIC
- lxd/device/disk: Add DiskVirtiofsdSockMountOpt constant
- lxd/device/disk: Add vmVirtfsProxyHelperPaths and vmVirtiofsdPaths functions
- lxd/device/disk: Update startVM to use d.vmVirtiofsdPaths and d.vmVirtfsProxyHelperPaths
- lxd/device/disk: Comment improvement in startVM
- lxd/device/disk: Check virtfs-proxy-helper has bound successfully in startVM
- lxd/device/disk: d.vmVirtiofsdPaths and d.vmVirtfsProxyHelperPaths usage in stopVM
- lxd/instance/drivers/driver/qemu: Update addDriveDirConfig to handle getting virtiofsd socket path from disk device mount options
- lxd/instance/drivers/driver/qemu: Improve comments in addDriveDirConfig
- lxd/instance/drivers/driver/qemu: Ensure bootindex is generated in a stable manner in deviceBootPriorities
- shared/api: Support for lxc monitor --pretty lifecycle events
- lxc: Support for lxc monitor --pretty lifecycle events
- lxd/device/errors: Add UnsupportedError type and update ErrUnsupportedDevType to use it
- lxd/device/device/utils/disk: Add DiskVMVirtiofsdStart and DiskVMVirtiofsdStop functions
- lxd/device/disk: Remove unnecessary log context field in startVM
- lxd/device/disk: Switch to using DiskVMVirtiofsdStart and DiskVMVirtiofsdStop functions for virtiofsd management
- lxd/instance/drivers/driver/qemu: Switch to using device.DiskVMVirtiofsdStart and device.DiskVMVirtiofsdStop for config drive virtiofsd management
- lxd/instance/drivers/driver/qemu: Add comment about 9p vs virtio-fs config drive shares in generateQemuConfigFile
- lxd/instance/drivers/driver/qemu: Clean up comments in removeDiskDevices and removeUnixDevices
- lxd/apparmor/instance/qemu: Allow rw access to instance devicesPath
- lxd/apparmor/instance/qemu: Make the difference between external device paths and devices in the instance devices path clearer
- lxd/instance/qemu: Remove duplicate key
- lxd/apparmor/instance: Switch to externalDevPaths template var
- lxd/apparmor/instance: Populate VM devicesPath var
- lxd/instance/drivers/driver/qemu: Don't add config disk path in the instance's devices directory to the external devPaths var
- lxc/publish: Fix ETag race condition
- lxd/storage/drivers/driver/zfs/utils: Retry ZFS recursive delete command
- tests: Test publishing ephemeral instance
- lxd/device/device/utils/disk: Adds DiskMountClear function
- lxd/instance/drivers/driver/qemu: Add configDriveMountPath and configDriveMountPathClear helper functions
- lxd/instance/drivers/driver/qemu: Comment
- lxd/instance/drivers/driver/qemu: Improve error in onStop
- lxd/instance/drivers/driver/qemu: Call device.DiskVMVirtiofsdStop and d.configDriveMountPathClear in cleanupDevices
- lxd/instance/drivers/driver/qemu: Bind mount config directory into instance devices directory as readonly
- lxd/instance/drivers/driver/qemu: Clearer var naming in generateQemuConfigFile
- lxd/instance/drivers/driver/qemu: Update 9p config drive share to use readonly bind mount in generateQemuConfigFile
- lxd/instance/drivers/driver/qemu: addDriveDirConfig comment tweak
- lxd/storage/drivers/driver/zfs/volumes: Retry zvol deactivation if ZFS ignores us in UnmountVolume
- lxd/device/disk: Update startContainer to mount pool volume before calling createDevice
- lxd/device/disk: Update startVM to mount directories as bind mounts
- lxd/device/disk: Rename reverter argument to revert in mountPoolVolume for consistency
- lxd/device/disk: Update createDevice to accept revert and pool volume source path override
- lxd/device/disk: Ensure that host-side device mounts are cleaned up in postStop
- lxd/device/disk: Rework wait for virtfs-proxy-helper socket in startVM for clarity
- lxd/device/disk: Remove check that prevents use of virtiofsd for readonly disks in startVM
- lxd/instance/drivers/driver/qemu: Remove check in addDriveDirConfig that prevents virtiofsd for readonly shares
- doc: mention /var/snap/lxd/common/lxd for snap users
- lxc cluster add shouldn't have any alias
- lxd: print the join token on a separate line
- tests: fix token extraction of
lxc cluster add - i18n: Update translation templates
- lxd/instance/qemu: Remove unused template
- lxd/lxd: Record requestor as part of lifecycle events
- lxd: Pass request to OperationCreate
- lxd-agent: Pass request to OperationCreate
- lxd/resources: Add swagger documentation for storage
- shared/api: Add swagger metadata to storage pools
- lxd/cluster: Add core.https_trusted_proxy
- lxd/storage: Add swagger documentation for pools
- shared/api: Split storage volume backup
- shared/api: Add swagger metadata to storage volumes
- lxd/storage/drivers/driver/zfs/volumes: Include unmount action in the revert hook returned from CreateVolumeFromBackup
- lxd/storage/backend/lxd: Improve error context returned when applying imported root disk quota
- lxd/instances/post: Improve post hook failed context in error
- lxd/instance/drivers/driver/qemu: Adds start and stop debug logging
- lxd/instance/drivers/driver/qemu: Clarifies return values of pid function
- lxd/instance/drivers/driver/qemu: Updated d.pid usage
- lxd/instance/drivers/driver/qemu: Comment clean up in Stop
- lxd/instance/drivers/driver/qemu: Dont start device cleanup in onStop until QEMU process has ended
- lxd/instance/drivers/driver/qemu: Increase max wait time for qemu process to exit
- lxd/images: pass publish expiration date to Export(); fallback to metadata.yaml expiration date
- lxd/instance/instance_interface.go: add expiration date parameter to Export()
- lxd/instance/drivers/driver_lxc: Export(): handle expiration date
- lxd/instance/drivers/driver_qemu: Export(): handle expiration date
- lxd/instance/drivers/driver/qemu: Fix logger in onStop
- lxd/cluster/heartbeat: Don't send heartbeat from member that doesn't know its own address
- lxd/endpoints: Update endpoints Config doc
- lxd/cluster/heartbeat: Get local cluster address from node.ClusterAddress in heartbeat
- lxd/storage: Add swagger documentation for volumes
- shared/api: Add swagger metadata for storage volume state
- shared/api: Add swagger metadata for storage volume snapshots
- lxd/storage: Add swagger documentation for volume snapshots
- lxd/storage: Fix operation type for snapshot rename
- shared/api: Add swagger metadata for storage volume backups
- lxd/swagger: Remove partial coverage warning
- lxd/swagger: Fix bad typing
- doc/rest-api: Strip and point to swagger
- doc/rest-api: Refresh swagger YAML
- README: Add liblz4-dev dependency when building from source
- doc: btrfs-tools was replaced by btrfs-progs after Bionic
- doc: bzr isn't used anymore
- doc/rest-api: Linkify API doc
- lxd/device: Add and use ErrMissingVirtiofsd
- lxd/endpoints: Support HAProxy protocol header
- lxd: Support HAProxy protocol header
- doc: Add core.https_trusted_proxy
- api: server_trusted_proxy
- lxd/instance/drivers/qmp/commands: Updates revert in AddNIC for consistency/clarity
- lxd/instance/drivers/qmp/commands: Adds RemoveNIC function
- lxd/instance/drivers/qmp/commands: Adds QueryPCI function and associated types
- lxd/device/nic: Enable VM hotplug for macvlan, bridged, p2p, physical and sriov NIC types
- lxd/instance/drivers/driver/common: Removes unnecessary check in runHooks
- lxd/instance/drivers/driver/qemu/bus: Adds busDevicePortPrefix constant and uses it
- lxd/instance/drivers/driver/qemu/templates: Uses busDevicePortPrefix constant indirectly
- lxd/instance/drivers/driver/qemu: Allocate 4 additional PCI slots for hotplugging in generateQemuConfigFile
- lxd/instance/drivers/driver/qemu: Adds qemuPCIDeviceIDStart constant
- lxd/instance/drivers/driver/qemu: Update addCPUMemoryConfig to just return cpu count if nil stringbuilder supplied
- lxd/instance/drivers/driver/qemu: Adds qemuNetDevIDPrefix and qemuDeviceIDPrefix constants
- lxd/instance/drivers/driver/qemu: qemuDeviceIDPrefix and qemuNetDevIDPrefix usage
- lxd/instance/drivers/driver/qemu: Adds deviceAttachNIC function
- lxd/instance/drivers/driver/qemu: Handle hotplugging NICs by using d.deviceAttachNIC from deviceStart
- lxd/instance/drivers/driver/qemu: Add revert to deviceStart
- lxd/instance/drivers/driver/qemu: Adds deviceDetachNIC function
- lxd/instance/drivers/driver/qemu: Updates deviceStop to hot unplug NICs
- lxd/resources: Set RPM to 1 instead of 0 when rotational
- include: add open_tree() and mount_setattr()
- doc/projects: Remove white list term
- Remove hang term
- Remove white term
- lxd/cluster/gateway: Remove black term
- Remove dummy term
- lxd/main/checkfeature: Remove dummy term
- shared/idmap/shift/linux: Rename set_dummy_fs_ns_caps to spoof_fs_ns_caps
- Remove sanity term
- Replace Sanity Checks with Quick Checks
- lxd/db: Update schema to apply removal of sanity term
- lxd: use idmapped mounts
- lxd: ensure absolute paths when hotplugging mounts
- forkmount: update terminology
- disk: allow the use of idmapped mounts
- seccomp: handle idmapped mounts
- lxd: split storage handling in startCommon() into separate helper
- lxd: remove remaining DiskIdmap call in startCommon()
- lxc/cluster: add command revoke-token to delete a cluster join token
- test/suites/clustering: add tests for revoke-token
- i18n: update translation templates
- Makefile: Add "build" target
- lxd/instance/drivers/driver/common: Adds Internal MAAS handling functions
- lxd/instance/drivers/driver/lxc: Switch to common MAAS handling functions
- lxd/instance/drivers/driver/qemu: Switch to common MAAS handling functions
- lxd/instance/drivers/load: Add revert arg to create
- lxd/instance/drivers/driver/common: Don't revert by calling inst.Delete() until after storage volume created in snapshotCommon
- lxd/instance/drivers/driver/lxc: Add revert arg to lxcCreate and don't call d.Delete() in revert steps
- lxd/instance/drivers/driver/qemu: Add revert arg to qemuCreate and don't call d.Delete() in revert steps
- lxd/instance/instance/utils: Updates Create signature with revert arg
- lxd/instance/instance/utils: Updates CreateInternal with a revert arg
- lxd: instance.CreateInternal usage in tests
- lxd/instance: Update instanceCreateAsEmpty to only revert with inst.Delete() after storage volume created
- lxd/instance: Updates instanceCreateFromImage to only revert with inst.Delete() after storage volume created
- lxd/instance: Updates instanceCreateAsCopy to only revert with inst.Delete() after storage volume created
- lxd/api/internal: instance.CreateInternal revert usage in internalImport
- lxd/instances/post: instance.CreateInternal usage in createFromMigration
- lxd/migrate/instance: Adds revert arg to Do function to allow usage of instance.CreateInternal
- lxd/migrate/instance: Add instance delete to revert after storage volume migration succeeded in Do
- lxd/instances/post: Updates createFromMigration to pass revert to instance.CreateInternal
- lxd/migrate/instance: Go var naming style suggestions
- lxd: check for new idmapped mounts extension in LXC
- lxd/storage/backend/lxd: Remove post hook resize from CreateInstanceFromBackup
- lxd/storage/drivers/driver/common: Adds createVolumeFromBackupInstancePostHookResize function
- lxd/storage/drivers/driver/btrfs/volumes: Updates CreateVolumeFromBackup to use createVolumeFromBackupInstancePostHookResize in generic post hook
- lxd/storage/drivers/driver/ceph/volumes: Updates CreateVolumeFromBackup to use createVolumeFromBackupInstancePostHookResize in generic post hook
- lxd/storage/drivers/driver/dir/volumes: Updates CreateVolumeFromBackup to use createVolumeFromBackupInstancePostHookResize in generic post hook
- lxd/storage/drivers/driver/lvm/volumes: Updates CreateVolumeFromBackup to use createVolumeFromBackupInstancePostHookResize in generic post hook
- lxd/storage/drivers/driver/zfs/volumes: Updates CreateVolumeFromBackup to use createVolumeFromBackupInstancePostHookResize in generic post hook
- lxd/storage/drivers/driver/generic/vfs: Adds VMConfigDriveMountDir constant
- lxd/storage/drivers/generic/vfs: Exclude config.mount directory in genericVFSBackupVolume
- lxd/instance/drivers/driver/qemu: storageDrivers.VMConfigDriveMountDir usage
- lxd/storage/drivers/utils: Adds force arg to shrinkFileSystem
- lxd/storage/drivers: SetVolumeQuota comment consistency
- lxd/storage/drivers/driver/ceph/volumes: shrinkFileSystem force arg usage
- lxd/storage/drivers/driver/lvm/volumes: shrinkFileSystem force arg usage
- lxd/storage/drivers/driver/common: runFiller comment improvement
- lxd/storage/drivers/driver/common: Enable unsafe resize for container volumes in createVolumeFromBackupInstancePostHookResize
- Revert "lxd/storage/backend/lxd: Remove post hook resize from CreateInstanceFromBackup"
- Revert "lxd/storage/drivers/driver/btrfs/volumes: Updates CreateVolumeFromBackup to use createVolumeFromBackupInstancePostHookResize in generic post hook"
- Revert "lxd/storage/drivers/driver/ceph/volumes: Updates CreateVolumeFromBackup to use createVolumeFromBackupInstancePostHookResize in generic post hook"
- Revert "lxd/storage/drivers/driver/lvm/volumes: Updates CreateVolumeFromBackup to use createVolumeFromBackupInstancePostHookResize in generic post hook"
- Revert "lxd/storage/drivers/driver/zfs/volumes: Updates CreateVolumeFromBackup to use createVolumeFromBackupInstancePostHookResize in generic post hook"
- lxd/storage/drivers/driver/dir/volumes: Remove call to createVolumeFromBackupInstancePostHookResize
- lxd/storage/drivers/volume: Add VolumePostHook type
- lxd/storage/drivers: Update CreateVolumeFromBackup and associated function to use VolumePostHook type
- lxd/revert/revert: Add Hook function type
- lxd/storage/backend: Update CreateInstanceFromBackup signature to use revert.Hook
- lxd/storage/drivers: Updates CreateVolumeFromBackup and associated function to use revert.Hook type
- lxd/storage/drivers/volume: Remove allowUnsafeResize var
- lxd/storage/drivers/volume: Add allowUnsafeResize arg to SetQuota and pass to SetVolumeQuota
- lxd/storage/drivers/interface: Add allowUnsafeResize arg to SetVolumeQuota
- lxd/storage/backend/lxd: Add allowUnsafeResize arg to function returned from imageFiller
- lxd/storage/backend/lxd: b.driver.SetVolumeQuota usage
- lxd/storage/utils: Adds allowUnsafeResize arg to ImageUnpack and pass to vol.SetQuota()
- lxd/storage/drivers/utils: Adds allowUnsafeResize arg to ensureVolumeBlockFile
- lxd/storage/drivers/generic/vfs: d.SetVolumeQuota allowUnsafeResize arg usage
- lxd/storage/drivers/driver/btrfs/volumes: ensureVolumeBlockFile allowUnsafeResize arg usage and comment
- lxd/storage/drivers/driver/btrfs/volumes: Adds allowUnsafeResize arg to SetVolumeQuota
- lxd/storage/drivers/driver/ceph/volumes: Adds allowUnsafeResize arg to SetVolumeQuota
- lxd/storage/drivers/driver/cephfs/volumes: Adds allowUnsafeResize arg to SetVolumeQuota
- lxd/storage/drivers/driver/dir/volumes: Adds allowUnsafeResize arg to SetVolumeQuota
- lxd/storage/drivers/driver/lvm/volumes: Adds allowUnsafeResize arg to SetVolumeQuota
- lxd/storage/drivers/driver/zfs/volumes: Adds allowUnsafeResize arg to SetVolumeQuota
- lxd/storage/drivers/driver/mock/volumes: Adds allowUnsafeResize arg to SetVolumeQuota
- lxd/storage/drivers/driver/btrfs/volumes: d.SetVolumeQuota usage
- lxd/storage/drivers/driver/ceph/volumes: d.SetVolumeQuota usage
- lxd/storage/drivers/driver/dir/volumes: d.SetVolumeQuota usage
- lxd/storage/drivers/driver/lvm/volumes: d.SetVolumeQuota usage
- lxd/storage/drivers/driver/btrfs/mock: d.SetVolumeQuota usage
- lxd/storage/drivers/driver/zfs/volumes: d.SetVolumeQuota usage
- lxd/storage/drivers/driver/cephfs/volumes: d.SetVolumeQuota usage
- lxd/storage/drivers/driver/types: Adds allowUnsafeResize arg to VolumeFiller's Fill function definition
- lxd/storage/drivers/driver/lvm/utils: d.SetVolumeQuota usage
- lxd/storage/drivers/driver/dir/volumes: ensureVolumeBlockFile usage and comment
- lxd/storage/drivers/common: Updates runFiller to pass allowUnsafeResize arg to filler's Fill function as needed
- lxd/storage/drivers/driver/common: Updates createVolumeFromBackupInstancePostHookResize to pass allowUnsafeResize to driver.SetVolumeQuota
- lxd/storage/drivers/driver/common: Remove createVolumeFromBackupInstancePostHookResize
- lxd/storage/drivers/generic/vfs: Error check Unmount in post hook from genericVFSBackupUnpack
- lxd/storage/backend/lxd: Enable allowUnsafeResize for container imports in CreateInstanceFromBackup
- lxd/init: Update for token based join
- client: Simplify User-Agent logic
- lxd/daemon: Add forwarded requestor to context
- lxd/operations: Support forwarded requestor
- lxd/cluster: Pass original requestor around
- lxd: Pass request around
- lxd/storage/drivers/driver/zfs/volumes: Fix bug with VM optimized import not returning filesystem volume post hook
- lxd/daemon: updateCertificateCacheFromLocal usage
- lxd/certificates: Removes unused cert arg from updateCertificateCacheFromLocal
- lxd/request: Introduce new package
- lxd: Use the new request package
- lxd/device/nic/bridged: Allow using IP filtering with an unmanaged parent bridge
- lxd/firewall/firewall/interface: Adds parentManaged arg to InstanceSetupBridgeFilter
- lxd/firewall/drivers/drivers/nftables: InstanceSetupBridgeFilter signature
- lxd/firewall/drivers/driver/xtables: Adds parentManaged arg to InstanceSetupBridgeFilter
- lxd/firewall/drivers/drivers/xtables: Adds parentManaged arg to generateFilterIptablesRules
- lxd/device/nic/bridged: Updates d.state.Firewall.InstanceSetupBridgeFilter usage to provide managed parent indicator
- test: Include the managed bridge in the nic counters for bridged NIC filtering
- test: Add test for unmanaged bridge IP filtering
- lxd: update instructions for compilation from a release tarball
- lxd/init: show the new default value for password authentication
- doc/networks: Use n.n.n.n rather than a real IP 1.2.3.4 for example IP in systemd-resolve command
- doc/networks: Adds guide on how to get systemd to configure systemd-resolved on lxdbr0 start up
- api: clustering_update_cert
- shared/api: Add ClusterCertificatePut
- lxd/api: Add clusterCertificatePut
- doc/rest-api: Refresh Swagger YAML
- client: Add UpdateClusterCertificate
- lxd/cluster: Add NetworkUpdateCert
- lxc/cluster: Add update-certificate
- i18n: Update translation templates
- tests: Add cluster certificate update
- doc/clustering: Add section on update-certificate
- lxd/api/project: Error improvements in projectsPost
- lxd/api/project: Comment ending consistency in projectsPost
- lxd/api/project: Prevent project names that contain underscores in projectValidateName
- lxd/api/project: Comment ending consistency in projectPost
- lxd/api/project: Error improvements in projectPost
- lxd/api/project: Validate new project name not current when renaming in projectPost
- test: Add tests for banned underscore in project names during create and rename
- main/init: Define poolType type and constants
- main/init: Updates availableStorageDrivers to use poolType type and associated constants
- lxd/main/init/auto: Updates RunAuto to use poolType and associated constants
- main/init/interactive: Updates askStoragePool to use poolType and associated constants
- lxd/main/init: Remove hard coded remote storage driver types in availableStorageDrivers
- lxd/main/init/interactive: Fix possible confusing missing storage backends error in askStoragePool
- lxd/main/init/interactive: Don't default to ceph if not available in askStoragePool
- lxd/main/init/interactive: Use validate.Optional in askClustering
- shared/validate/validate/test: Adds tests for Required and Optional
- shared/validate/validate: Remove optional check in IsOneOf
- lxd/api/project: validate.IsOneOf optional usage
- lxd/storage: validate.IsOneOf optional usage
- lxd/storage/pools/config: validate.IsOneOf optional usage
- shared/instance: validate.IsOneOf optional usage
- lxd/network: validate.IsOneOf optional usage
- lxd/network/driver/bridge: More consistent use of validate.Optional for fan.underlay_subnet
- lxd/device/nic: Return -1 for Mtu in State() for bridged and ovn NICs if host interface not available
- shared/util: Fill Stderr in RunCommandWithFds
- shared/archive: Handle newer unsquashfs errors
- doc: fix cluster.https_address' description
- forkexec: handle broken close_range() backport in openSUSE Leap 15.3
- lxd/apparmor/instance: Move instance profile generation into new function instanceProfileGenerate
- lxd/apparmor/instance: Rename InstanceParse to InstanceValidate
- lxd/instance/drivers/driver/lxc: apparmor.InstanceValidate usage
- lxd/instance/drivers/driver/qemu: Validate raw.apparmor if changed
- doc/virtual-machines: Removes statement about VMs being considered experimental
- lxd/network/driver/bridge: Surface dnsmasq specific start up errors via a warning log entry
- client: Only retry target addresses if initial connection fails
- shared/api: Support for lxc monitor --pretty operation events
- lxc: Support for lxc monitor --pretty operation events
- lxd/instance/instance/interface: Adds Error field to Info struct
- lxd/instance/drivers/driver/lxc: Info.Error initialisation
- lxd/instance/drivers/driver/qemu: Populates Info.Error
- lxd/instance/drivers/driver/qemu: Adds detection of /dev/kvm in Info()
- lxd/instance/drivers/driver/qemu: Add check for vhost_vsock in Info()
- lxd/state/state: Removes NewState function
- lxd/daemon: state.State usage
- lxd/main/init: state.State usage
- lxd/state/test: State usage
- lxd/state/state: Move Context field first
- lxd/state/state: Adds InstanceTypes field to State
- lxd/instance/drivers/load: Adds supportedInstanceTypes cache and lock and adds SupportedInstanceTypes
- lxd/instance/instance/interface: Adds Type field to Info
- lxd/instance/drivers/driver/lxc: Populates Type in Info
- lxd/instance/drivers/driver/qemu: Populates Type in Info
- lxd/instance/drivers/load: Comment improvement
- lxd/daemon: Usage of instanceDrivers.SupportedInstanceTypes() in State() and init()
- lxd/api/1.0: instanceDrivers.SupportedInstanceTypes usage in api10Get
- lxd/instance: Removes instanceDriversCacheVal and supporting functions
- lxd/instance/instance/utils: Checks requested instance type is supported in CreateInternal
- lxd/include: include sys/wait.h in macro.h
- lxd/lifecycle: add lifecycle package
- lxd/lifecycle/instance/snapshot: add instance_snapshot
- lxd/lifecycle/instance/backup: add instance_backup
- test: add lifecycle package to static analysis
- lxd/events/events: change SendLifecycle to accept apt.EventLifecycle
- lxd/instance/instance/interface: add Operation
- lxd/instance/drivers/driver/common: add Operation
- lxd/instance/drivers/driver/common: fix IsStateful comment typo
- lxd/instance/drivers/driver/common: remove lifecycle function
- lxd/instance/drivers/driver/lxc: use InstanceAction for lifecycle events
- lxd/instance/drivers/driver/qemu: use InstanceAction for lifecycle events
- lxd/backup/backup/utils: remove Lifecycle
- lxd/backup/backup/instance: expose instance interface
- lxd/backup: use InstanceAction for lifecycle events
- lxd/backup/backup/instance: use InstanceAction for lifecycle events
- lxd/lifecycle/network: add network
- lxd/network/driver/common: use NetworkAction for lifecycle events
- lxd/lifecycle/instance: add InstanceExec
- lxd/instance/drivers/driver/lxc: handle Exec lifecycle events
- lxd/instance/drivers/driver/qemu: handle Exec lifecycle events
- lxd/lifecycle/instance: add InstanceConsole
- lxd/instance/drivers/driver/lxc: handle Console lifecycle events
- lxd/instance/drivers/driver/qemu: handle Console lifecycle events
- lxd/lifecycle/profile: add profile lifecycle events
- lxd/profiles: handle ProfileCreated lifecycle event
- lxd/profiles: handle ProfileUpdated lifecycle event
- lxd/profiles: handle ProfileRenamed lifecycle event
- lxd/device/proxy: Don't write out pid file until process has started OK
- lxd/instance/drivers/driver/lxc: Adds onStopOperationSetup function
- lxd/instance/drivers/driver/lxc: Call d.onStopOperationSetup from onStopNS
- lxd/instance/drivers/driver/lxc: Call d.onStopOperationSetup from onStop
- lxd/instance/drivers/driver/lxc: Move IsRunning to before creating start operation lock
- lxd/instance/drivers/driver/common: Move onStopOperationSetup from lxc driver and make generic
- lxd/instance/drivers/driver/lxc: Make Start, Stop and Shutdown locking and logging consistent with qemu driver
- lxd/instance/drivers/driver/qemu: Switch to d.onStopOperationSetup in onStop
- lxd/instance/drivers/driver/qemu: Increase onStop wait timeout to 5 minutes
- lxd/instance/drivers/driver/qemu: Comment consistency with lxc driver in Start
- lxd/profiles: handle ProfileDeleted lifecycle event
- lxd/lifecycle/instance/backup: add InstanceBackupRetrieved
- lxd/instance/backup: handle InstanceBackupRetrieved lifecycle event
- lxc/alias: workaround for subcommand errors
- lxc/config: workaround for subcommand errors
- lxc/config/metadata: workaround for subcommand errors
- lxc/config/device: workaround for subcommand errors
- lxc/config/template: workaround for subcommand errors
- lxc/cluster: workaround for subcommand errors
- lxc/image/alias: workaround for subcommand errors
- lxc/operation: workaround for subcommand errors
- lxc/project: workaround for subcommand errors
- lxc/file: workaround for subcommand errors
- lxc/remote: workaround for subcommand errors
- lxc/profile: workaround for subcommand errors
- lxc/storage: workaround for subcommand errors
- lxc/storage/volume: workaround for subcommand errors
- lxd/main/cluster: workaround for subcommand errors
- lxd/main/forkuevent: workaround for subcommand errors
- lxd/main/forkmount: workaround for subcommand errors
- lxd/main/forkfile: workaround for subcommand errors
- lxd/main/forknet: workaround for subcommand errors
- lxd/db/generate/root: workaround for subcommand errors
- lxd/db/generate/db: workaround for subcommand errors
- lxc/config/trust: workaround for subcommand errors
- lxc/image: workaround for subcommand errors
- lxc/network: workaround for subcommand errors
- lxd/firewall/drivers/drivers/xtables: Don't use ebtables --concurrent flag
- lxd/lifecycle/project: add project lifecycle events
- lxd/api/project: handle ProjectCreated lifecycle event
- lxd/api/project: handle ProjectUpdated lifecycle event
- lxd/api/project: handle ProjectRenamed lifecycle event
- lxd/api/project: handle ProjectDeleted lifecycle event
- lifecycle/instance: add InstanceFileRetrieved
- lifecycle/instance: add InstanceFilePushed
- lxd/instance: Fix error message
- lxd/instance/drivers/driver/common: Improve error logging in restartCommon
- lxd/instance/operationlock: Close chanDone after deleting operation from map in Done
- lxd/instance/drivers/driver/qemu: Don't fully regenerate config driver on start in generateConfigShare
- lxd/instance/drivers/driver/qemu: Remove config drive template files dir and regenerate
- lifecycle/instance: add InstanceFileDeleted
- lxd/instance/drivers/driver/qemu: handle InstanceFileRetrieved lifecycle event
- lxd/instance/drivers/driver/qemu: handle InstanceFilePushed lifecycle event
- lxd/instance/drivers/driver/qemu: handle InstanceFileDeleted lifecycle event
- lxd/instance/drivers/driver/lxc: handle InstanceFileRetrieved lifecycle event
- lxd/instance/drivers/driver/lxc: handle InstanceFilePushed lifecycle event
- lxd/instance/drivers/driver/lxc: handle InstanceFileDeleted lifecycle event
- lxd/endpoints: Deal with nil listener
- doc/index.md: Update CGO_LDFLAGS_ALLOW
- Makefile: Set CGO_LDFLAGS_ALLOW
- lxd/instance: Fix snapshot etag
- shared/api: Add Project to StorageVolumeSource
- client: Support for copy/move custom storage volume between projects
- lxd/storage: Support for copy/move custom storage volume between projects
- lxd: Support for copy/move custom storage volume between projects
- lxc/storage_volume: Support for copy/move custom storage volume between projects
- api: storage_api_project
- i18n: Update translation templates
- lxd/api/project: use nil for lifecycle event context
- lxd/api/project: use consistent renamed lifecycle event context field names
- lxd/api/project: remove redundant new_name from lifecycle context
- lxd/profiles: use nil for lifecycle event context
- lxd/profiles: use consistent renamed lifecycle event context field names
- lxd/profiles: remove redundant new_name from lifecycle context
- lxd/request/request: add CreateRequestor
- lxd/operations/operations: use CreateRequestor to create lifecycle requestor
- lxd/lifecycle/network: accept api.EventLifecycleRequestor as parameter
- lxd/lifecycle/project: accept api.EventLifecycleRequestor as parameter
- lxd/lifecycle/profile: accept api.EventLifecycleRequestor as parameter
- lxd/api/project: create requestor for lifecycle event
- lxd/profiles: create requestor for lifecycle event
- lxd/network/driver/common: remove create function and references
- lxd/network/driver/bridge: remove create references
- lxd/network/driver/common: remove lifecycle event handling
- lxd/networks: use clusterRequest alias for lxd/cluster/request package
- lxd/networks: add network lifecycle event handling with requestor
- Revert "client: Only retry target addresses if initial connection fails"
- lxd/lifecycle/profile: fix incorrect comments
- lxd/lifecycle/project: fix incorrect comments
- lxd/storage: Handled nil config map
- Makefile: Tweak quoting
- lxd/instances: Retry on autostart failure
- lxd/instances: Rework instancesRestart
- lxd/lifecycle/storage/pool: add storage_pool
- lxd/storage/pools: use clusterRequest alias for lxd/cluster/request package
- lxd/storage/pools: handle StoragePoolCreated lifecycle event
- lxd/storage/pools: handle StoragePoolUpdated lifecycle event
- lxd/storage/pools: handle StoragePoolDeleted lifecycle event
- lxd/lifecycle/image: add image
- lxd/lifecycle/image/alias: add image_alias
- lxd/images: handle ImageCreated lifecycle event
- lxd/daemon/images: handle ImageCreated lifecycle event
- lxd/images: handle ImageDeleted lifecycle event
- lxd/images: handle ImageUpdated lifecycle event
- lxd/images: handle ImageAliasCreated lifecycle event
- lxd/images: handle ImageAliasDeleted lifecycle event
- lxd/images: handle ImageAliasUpdated lifecycle event
- lxd/images: handle ImageAliasRenamed lifecycle event
- lxd/images: handle ImageRetrieved lifecycle event
- lxd/images: handle ImageRefreshed lifecycle event
- lxd/images: add swagger comment for imageAliasDelete
- doc/rest-api: Refresh Swagger YAML
- lxd/instance: Fix instance volume DB entry on copy
- lxd/main_init_interactive: only ask for server host name when no joining token was provided
- lxd/lifecycle/cluster: add cluster
- lxd/lifecycle/cluster/member: add cluster member
- lxd/api/cluster: use clusterRequest alias for lxd/cluster/request package
- lxd/api/cluster: handle ClusterEnabled lifecycle event
- lxd/api/cluster: handle ClusterDisabled lifecycle event
- lxd/api/cluster: handle ClusterTokenCreated lifecycle event
- lxd/api/cluster: handle ClusterCertificateUpdated lifecycle event
- lxd/api/cluster: handle ClusterMemberAdded lifecycle event
- lxd/api/cluster: handle ClusterMemberUpdated lifecycle event
- lxd/api/cluster: handle ClusterMemberRenamed lifecycle event
- lxd/api/cluster: handle ClusterMemberRemoved lifecycle event
- lxd/instances: Fixes potential crash in instancesRestart and improves logging
- client/util: Updates remoteOperationError to accept slice of remoteOperationResult
- client: remoteOperationError usage
- shared/network: RFC3493Dialer spacing
- shared: Moves lxd/cluster/isClientConnectionError to shared.IsConnectionError
- client/lxd/instance: Only try remote operation on different URL on connection error
- lxd/instance/drivers/driver/common: Adds isStartableStatusCode function
- lxd/instance/drivers/driver/lxc: Switch to d.isStartableStatusCode in Start()
- lxd/instance/drivers/driver/qemu: Switch to isStartableStatusCode in Start()
- lxd/instance/drivers/driver/qemu: If QMP socket not responding and QEMU process still exists then return Error status code
- lxd/ip: Support for 'bridge' and 'ip link show' commands
- lxd/ip: Support for 'tc' command
- lxd/device: Use ip package instead of 'tc' command
- lxd/device: Use ip package instead of 'bridge' command
- lxd/device: Use ip package instead of 'ip link' command
- lxd/instance/drivers/driver/common: Adds instanceInitiated return boolean to onStopOperationSetup
- lxd/instance/drivers/driver/lxc: Fix lifecycle shutdown event in onStop
- lxd/instance/drivers/driver/qemu: Fix lifecycle shutdown event in onStop
- lxd/instance/drivers/driver/lxc: Detect error status in Shutdown and return appropriate error
- lxd/instance/drivers/driver/qemu: Detect error status in Shutdown and return appropriate error
- lxd/instance/drivers/driver/qemu: Detect error status in Stop and forcefully kill qemu process if exists
- lxd/instance/drivers/driver/qemu: Handle internal-error status from QEMU
- lxd/instance/drivers/driver/qemu: Remove hung term from statusCode
- lxd/instance/drivers/driver/lxc: Remove hung term from getLxcState
- lxd/device/nic/bridged: Apply managed network validation checks when parent is set to a managed network
- test/suites/clustering: Fix tests to expect that creating container connected to pending network is forbidden
- tests: Update bridged NIC filtering tests to account for validation being improved
- lxd/device/nic/bridged: Allow use of static IPs with managed network that has DHCP disabled if IP filtering is in use
- lxd/device/nic/bridged: Ensure static IPs are specified when using IP filtering on unmanaged parent bridge
- lxd/instance/drivers/driver/qemu: Adds pidWait function
- lxd/instance/drivers/driver/qemu: Improve killQemuProcess to clarify its behaviour
- lxd/db/instances: Adds InstanceFilterAllInstances function
- lxd/db/instances/test: Updates tests with db.InstanceFilterAllInstances
- lxd/device/nic/bridged: Improve error for specifying static IP when DHCP disabled
- lxd/device/nic/bridged: Add checks to validateConfig for existing NICs with same IPs specified
- lxd/operations/operations: add SetRequestor
- lxd/lifecycle/storage/volume: add storage_volume
- lxd/storage/drivers/volume: add Pool
- lxd/storage/volumes: use empty operation with SetRequestor instead of nil
- lxd/networks: Add DNS record for gateway
- lxd/storage/backend/lxd: handle StorageVolumeCreated lifecycle event
- lxd/storage/backend/lxd: handle StorageVolumeUpdated lifecycle event
- lxd/storage/backend/lxd: handle StorageVolumeDeleted lifecycle event
- lxd/storage/backend/lxd: handle StorageVolumeRenamed lifecycle event
- lxd/storage/backend/lxd: handle StorageVolumeRestored lifecycle event
- lxd/lifecycle/storage/volume/snapshot: add storage_volume_snapshot
- lxd/storage/volumes/snapshot: use empty operation with SetRequestor instead of nil
- lxd/storage/backend/lxd: handle StorageVolumeSnapshotCreated lifecycle event
- lxd/storage/backend/lxd: handle StorageVolumeSnapshotRenamed lifecycle event
- lxd/storage/backend/lxd: handle StorageVolumeSnapshotDeleted lifecycle event
- lxd/storage/backend/lxd: handle StorageVolumeSnapshotUpdated lifecycle event
- lxd/device/nic/bridged: Improve performance of duplicate IP check in validateConfig
- test: Adds tests for duplicate static DHCP assignment
- lxd/device/nic/bridged: Check for duplicate MAC address in validateConfig
- test: Add tests for duplicate MAC address assignment for bridged NICs
- test: fix copy and paste error in duplicate static DHCP assignment
- lxd/main/cluster: fix the link in the "recover-from-quorum-loss" prompt
- lxd/network/network/utils/sriov: Add mutex to SRIOVFindFreeVirtualFunction to prevent concurrent start races
- doc: sort sysctl parameters
- doc: /proc/sched_debug normal mode is 444 so make it 400
- api: Adds server_instance_driver_operational extension
- doc/production-setup: ulimits tuning doesn't apply to snap users
- api: Adds server_supported_storage_drivers extension
- shared/api/server: Adds ServerStorageDriverInfo and adds StorageSupportedDrivers field to ServerEnvironment
- doc/rest-api: Refresh swagger YAML
- lxd/storage: Populates supported storage drivers cache var
- lxd/api/1.0: Updates readStoragePoolDriversCache usage and populates env.StorageSupportedDrivers
- lxd/main/init: Use server Environment for supported storage drivers
- lxd/lifecycle/certificate: add certificate
- lxd/certificates: use clusterRequest alias for lxd/cluster/request package
- lxd/certificates: handle CertificateCreated lifecycle event
- lxd/certificates: handle CertificateUpdated lifecycle event
- lxd/certificates: handle CertificateDeleted lifecycle event
- lxd/lifecycle/config: add config
- lxd/api/1.0: handle ConfigUpdated lifecycle event
- lxd/lifecycle/instance/log: add instance_log
- lxd/instance/logs: handle InstanceLogRetrieved lifecycle event
- lxd/instance/logs: handle InstanceLogDeleted lifecycle event
- lxd/lifecycle/instance/metadata: add instance_metadata
- lxd/lifecycle/instance/metadata/template: add instance_metadata_template
- lxd/instance/metadata: handle InstanceMetadataRetrieved lifecycle event
- lxd/instance/metadata: handle InstanceMetadataUpdated lifecycle event
- lxd/instance/metadata: handle InstanceMetadataTemplateRetrieved lifecycle event
- lxd/instance/metadata: handle InstanceMetadataTemplateCreated lifecycle event
- lxd/instance/metadata: handle InstanceMetadataTemplateDeleted lifecycle event
- lxd/lifecycle/operation: add operation
- lxd/operations: handle OperationCancelled lifecycle event
- lxd/lifecycle/instance: add InstanceConsoleRetrieved and InstanceConsoleReset lifecycle events
- lxd/instance/drivers/driver/lxc: handle InstanceConsoleReset and InstanceConsoleRetrieved lifecycle events
- shared/api: Add Address field to EventLifecycleRequestor
- docs/api-extensions: Fix typo
- lxd/api/cluster: use 'members' as name for ClusterTokenCreated lifecycle event
- lxd/lifecycle/certificate: include object in source for created lifecycle events
- doc: add events.md
- lxd/api/1.0: Wait until LXD fully started before applying API changes in doApi10UpdateTriggers
- lxc/cluster: Fix bad format string
- lxd/daemon: No need to call vmMonitor anymore as its served by devicesRegister
- lxd/devices: Add logging to devicesRegister
- lxd/instances: Remove unused vmMonitor
- shared/instance: Adds volatile.last_state.vsock_id to validation
- lxd/instance/drivers/driver/qemu: Adds volatile.last_state.vsock_id volatile key
- doc/instances: Documents volatile.last_state.vsock_id key
- client: Make staticcheck happy
- lxd-p2c: Make staticcheck happy
- lxc-to-lxd: Make staticcheck happy
- lxd-agent: Make staticcheck happy
- lxc: Make staticcheck happy
- lxd/instance/instance/utils: Adds cleanLogDir bool argument to CreateInternal
- lxd/request: Support for Address field
- api: event_lifecycle_requestor_address
- lxd: instance.CreateInternal usage
- doc: Renames volatile.last_state.vsock_id to volatile.vsock_id
- lxd/instance/drivers/driver/qemu: Renames volatile.last_state.vsock_id to volatile.vsock_id
- shared/instance: Renames volatile.last_state.vsock_id to volatile.vsock_id
- lxd/db/generate/file/write: add alternate build comment to generated files
- Makefile: add go formatting for update-schema
- lxd/node: Improve error handling
- lxd/storage/ceph: Improve version parsing
- i18n: Update translation templates
- lxd/device: Fix duplicate MAC test
- tests: Fix cluster networking test
試用環境 ¶
最新の LXD リリースを デモサービス で試せます。
ダウンロード ¶
このリリースの tarball は ダウンロードページ から取得できます。
ビルド済みバイナリーは次のように使えます:
- Linux: snap install lxd
- MacOS: brew install lxc
- Windows: choco install lxc
LXD 4.16 リリースのお知らせ¶
9th of July 2021
はじめに ¶
LXD チームは LXD 4.16 のリリースをお知らせできることにとてもワクワクしています!
このリリースは新機能満載というわけではありません。しかし、既存のいくつかの機能にかなりの改良が加えられており、いくつか新機能が盛り込まれています。さらに、リファクタリング、バグ修正、全体的な改良など、直接見えない部分の変更もかなり加えられています。
Enjoy!
新機能とハイライト ¶
クラスター証明書の更新 ¶
クラスター全体の証明書を更新するための、新しい API とそれに対応する CLI の呼び出しを追加しました。これは、すべてのクラスターメンバーが持っている cluster.crt と cluster.key を効率的に更新します。そして、LXD も証明書を再読み込みします。
この機能は、Let's Encrypt のような有効な証明書を使って LXD クラスターを実行しようとしている人にとっては興味深い機能でしょう。このような場合、証明書の有効期間が短いため、置換手順の自動化が必要になるためです。
新しい証明書と秘密鍵を lxc cluster update-certificate コマンドに指定することで、すぐにクラスター全体の証明書と鍵が更新されます。
プロジェクト間のカスタムボリュームのコピー・移動 ¶
プロジェクト機能が最初に導入されて後の数回のリリースで、LXD はプロジェクト間でインスタンスを転送する機能が拡張してきました。しかし、カスタムボリュームには同等の機能がありませんでしたので、やっかいな状況が引き起こされたりしました。
この状況が改善され、カスタムストレージボリュームをプロジェクト間でコピーしたり移動したりできるようになりました。CLI はこれに合わせて更新され、同様に --target-project オプションを受け付けます。
lxc monitor --pretty のすべてのイベントタイプでの動作 ¶
LXD 4.15 でライフサイクルイベントが追加されたのに続き、lxc monitor --pretty が pretty 出力モードで実行されているときもoperationイベントタイプをサポートするようになりました。
これで LXD のイベントタイプすべてをカバーしましたので、lxc monitor --pretty の簡潔な出力を使って LXD サーバーのモニターが簡単になりました。
クラスター加入用トークンの簡単な revoke ¶
lxc cluster と lxc cluster list-tokens を、LXD 4.14 の新しいトークンベースのクラスターへの加入機能の一部として追加しました。しかし、この加入用のトークンを revoke する簡単な方法がありませんでした。
これは lxc operation cancel を使って実行できましたが、ちょっとした回避策のように感じられました。その結果、この用途に使える専用の lxc cluster revoke-token が使えるようになりました。
管理対象外ブリッジ上での IP フィルタリング ¶
LXD が管理していないブリッジを使っている場合でも、IPv4 と IPv6 のフィルタリング機能が使えるようになりました。この機能を使うためには、LXD がアドレスを認識できないので、ipv4.address もしくは ipv6.address エントリーが NIC デバイス上に存在していなければなりません。
これを設定すると、通常の security.ipv4_filtering と security.ipv6_filtering が期待通りに動作するようになります。
新しい警告 ¶
このリリースで、かなりの数の警告が追加されています。これらの警告は lxc warning list で見ることができ、必要に応じて確認応答(acknowledge)と削除ができます。
新しい警告は次の通りです。
- MAASへの接続の失敗
- ネットワークの起動の失敗
- クラスターメンバーのオフライン
- インスタンスの自動起動の失敗
raw.dnsmasqの使用によるネットワーク上の AppArmor の無効化- dnsmasq がサポートするより長い IPv6 プレフィックスの使用
- NAT を使ったプロキシーデバイスを使っている場合の
br_netfilter設定の欠如
新しい lifecycle イベント ¶
lifecycle イベント(lxc monitor からアクセス可能)は、最初はインスタンスの基本的なアクションのいくつかに限られていました。その後、インスタンスのほぼすべての変更をカバーするようになり、それからネットワークもカバーするようになりました。
LXD 4.16 では、LXD オブジェクトのすべてをカバーするようになりました。これにより、これらのイベントを、ログファイルを詳細に解析する必要なく、audit レポートに適した形にすることができるようになります。
イベントのすべてのリストは こちら で見ることができます。
すべての変更点(翻訳なし) ¶
このリリースでの完全な変更点のリストは次の通りです:
- lxd/resources: Set RPM to 1 instead of 0 when rotational
- include: add open_tree() and mount_setattr()
- doc/projects: Remove white list term
- Remove hang term
- Remove white term
- lxd/cluster/gateway: Remove black term
- Remove dummy term
- lxd/main/checkfeature: Remove dummy term
- shared/idmap/shift/linux: Rename set_dummy_fs_ns_caps to spoof_fs_ns_caps
- Remove sanity term
- Replace Sanity Checks with Quick Checks
- lxd/db: Update schema to apply removal of sanity term
- lxd: use idmapped mounts
- lxd: ensure absolute paths when hotplugging mounts
- forkmount: update terminology
- disk: allow the use of idmapped mounts
- seccomp: handle idmapped mounts
- lxd: split storage handling in startCommon() into separate helper
- lxd: remove remaining DiskIdmap call in startCommon()
- lxc/cluster: add command revoke-token to delete a cluster join token
- test/suites/clustering: add tests for revoke-token
- i18n: update translation templates
- lxd/db: Add UnableToConnectToMAAS warning
- lxd: Add unable to connect to MAAS warning
- Makefile: Add "build" target
- lxd/instance/drivers/driver/common: Adds Internal MAAS handling functions
- lxd/instance/drivers/driver/lxc: Switch to common MAAS handling functions
- lxd/instance/drivers/driver/qemu: Switch to common MAAS handling functions
- lxd/db: Add WarningAppArmorDisabledDueToRawDnsmasq
- lxd/warnings: Add resolve and delete functions
- lxd/network: Add disabled AppArmor warning
- lxd/network: Delete warnings when bridge is deleted
- Revert "lxd/main_init_interactive: replace empty validator for choosing cluster config with nil"
- lxd/instance/drivers/load: Add revert arg to create
- lxd/instance/drivers/driver/common: Don't revert by calling inst.Delete() until after storage volume created in snapshotCommon
- lxd/instance/drivers/driver/lxc: Add revert arg to lxcCreate and don't call d.Delete() in revert steps
- lxd/instance/drivers/driver/qemu: Add revert arg to qemuCreate and don't call d.Delete() in revert steps
- lxd/instance/instance/utils: Updates Create signature with revert arg
- lxd/instance/instance/utils: Updates CreateInternal with a revert arg
- lxd: instance.CreateInternal usage in tests
- lxd/instance: Update instanceCreateAsEmpty to only revert with inst.Delete() after storage volume created
- lxd/instance: Updates instanceCreateFromImage to only revert with inst.Delete() after storage volume created
- lxd/instance: Updates instanceCreateAsCopy to only revert with inst.Delete() after storage volume created
- lxd/api/internal: instance.CreateInternal revert usage in internalImport
- lxd/instances/post: instance.CreateInternal usage in createFromMigration
- lxd/migrate/instance: Adds revert arg to Do function to allow usage of instance.CreateInternal
- lxd/migrate/instance: Add instance delete to revert after storage volume migration succeeded in Do
- lxd/instances/post: Updates createFromMigration to pass revert to instance.CreateInternal
- lxd/migrate/instance: Go var naming style suggestions
- lxd: check for new idmapped mounts extension in LXC
- lxd/storage/backend/lxd: Remove post hook resize from CreateInstanceFromBackup
- lxd/storage/drivers/driver/common: Adds createVolumeFromBackupInstancePostHookResize function
- lxd/storage/drivers/driver/btrfs/volumes: Updates CreateVolumeFromBackup to use createVolumeFromBackupInstancePostHookResize in generic post hook
- lxd/storage/drivers/driver/ceph/volumes: Updates CreateVolumeFromBackup to use createVolumeFromBackupInstancePostHookResize in generic post hook
- lxd/storage/drivers/driver/dir/volumes: Updates CreateVolumeFromBackup to use createVolumeFromBackupInstancePostHookResize in generic post hook
- lxd/storage/drivers/driver/lvm/volumes: Updates CreateVolumeFromBackup to use createVolumeFromBackupInstancePostHookResize in generic post hook
- lxd/storage/drivers/driver/zfs/volumes: Updates CreateVolumeFromBackup to use createVolumeFromBackupInstancePostHookResize in generic post hook
- lxd/storage/drivers/driver/generic/vfs: Adds VMConfigDriveMountDir constant
- lxd/storage/drivers/generic/vfs: Exclude config.mount directory in genericVFSBackupVolume
- lxd/instance/drivers/driver/qemu: storageDrivers.VMConfigDriveMountDir usage
- lxd/storage/drivers/utils: Adds force arg to shrinkFileSystem
- lxd/storage/drivers: SetVolumeQuota comment consistency
- lxd/storage/drivers/driver/ceph/volumes: shrinkFileSystem force arg usage
- lxd/storage/drivers/driver/lvm/volumes: shrinkFileSystem force arg usage
- lxd/storage/drivers/driver/common: runFiller comment improvement
- lxd/storage/drivers/driver/common: Enable unsafe resize for container volumes in createVolumeFromBackupInstancePostHookResize
- lxd/db: Add WarningLargerIPv6PrefixThanSupported
- lxd/network: Create warning if IPv6 prefix is too large
- lxd/network/network/utils: Fix error reporting bug in parseIPRange
- lxd/network/network/utils/test: Fix tests in Example_parseIPRange to work with Go tip
- Revert "lxd/storage/backend/lxd: Remove post hook resize from CreateInstanceFromBackup"
- Revert "lxd/storage/drivers/driver/btrfs/volumes: Updates CreateVolumeFromBackup to use createVolumeFromBackupInstancePostHookResize in generic post hook"
- Revert "lxd/storage/drivers/driver/ceph/volumes: Updates CreateVolumeFromBackup to use createVolumeFromBackupInstancePostHookResize in generic post hook"
- Revert "lxd/storage/drivers/driver/lvm/volumes: Updates CreateVolumeFromBackup to use createVolumeFromBackupInstancePostHookResize in generic post hook"
- Revert "lxd/storage/drivers/driver/zfs/volumes: Updates CreateVolumeFromBackup to use createVolumeFromBackupInstancePostHookResize in generic post hook"
- lxd/storage/drivers/driver/dir/volumes: Remove call to createVolumeFromBackupInstancePostHookResize
- lxd/storage/drivers/volume: Add VolumePostHook type
- lxd/storage/drivers: Update CreateVolumeFromBackup and associated function to use VolumePostHook type
- lxd/revert/revert: Add Hook function type
- lxd/storage/backend: Update CreateInstanceFromBackup signature to use revert.Hook
- lxd/storage/drivers: Updates CreateVolumeFromBackup and associated function to use revert.Hook type
- lxd/storage/drivers/volume: Remove allowUnsafeResize var
- lxd/storage/drivers/volume: Add allowUnsafeResize arg to SetQuota and pass to SetVolumeQuota
- lxd/storage/drivers/interface: Add allowUnsafeResize arg to SetVolumeQuota
- lxd/storage/backend/lxd: Add allowUnsafeResize arg to function returned from imageFiller
- lxd/storage/backend/lxd: b.driver.SetVolumeQuota usage
- lxd/storage/utils: Adds allowUnsafeResize arg to ImageUnpack and pass to vol.SetQuota()
- lxd/storage/drivers/utils: Adds allowUnsafeResize arg to ensureVolumeBlockFile
- lxd/storage/drivers/generic/vfs: d.SetVolumeQuota allowUnsafeResize arg usage
- lxd/storage/drivers/driver/btrfs/volumes: ensureVolumeBlockFile allowUnsafeResize arg usage and comment
- lxd/storage/drivers/driver/btrfs/volumes: Adds allowUnsafeResize arg to SetVolumeQuota
- lxd/storage/drivers/driver/ceph/volumes: Adds allowUnsafeResize arg to SetVolumeQuota
- lxd/storage/drivers/driver/cephfs/volumes: Adds allowUnsafeResize arg to SetVolumeQuota
- lxd/storage/drivers/driver/dir/volumes: Adds allowUnsafeResize arg to SetVolumeQuota
- lxd/storage/drivers/driver/lvm/volumes: Adds allowUnsafeResize arg to SetVolumeQuota
- lxd/storage/drivers/driver/zfs/volumes: Adds allowUnsafeResize arg to SetVolumeQuota
- lxd/storage/drivers/driver/mock/volumes: Adds allowUnsafeResize arg to SetVolumeQuota
- lxd/storage/drivers/driver/btrfs/volumes: d.SetVolumeQuota usage
- lxd/storage/drivers/driver/ceph/volumes: d.SetVolumeQuota usage
- lxd/storage/drivers/driver/dir/volumes: d.SetVolumeQuota usage
- lxd/storage/drivers/driver/lvm/volumes: d.SetVolumeQuota usage
- lxd/storage/drivers/driver/btrfs/mock: d.SetVolumeQuota usage
- lxd/storage/drivers/driver/zfs/volumes: d.SetVolumeQuota usage
- lxd/storage/drivers/driver/cephfs/volumes: d.SetVolumeQuota usage
- lxd/storage/drivers/driver/types: Adds allowUnsafeResize arg to VolumeFiller's Fill function definition
- lxd/storage/drivers/driver/lvm/utils: d.SetVolumeQuota usage
- lxd/storage/drivers/driver/dir/volumes: ensureVolumeBlockFile usage and comment
- lxd/storage/drivers/common: Updates runFiller to pass allowUnsafeResize arg to filler's Fill function as needed
- lxd/storage/drivers/driver/common: Updates createVolumeFromBackupInstancePostHookResize to pass allowUnsafeResize to driver.SetVolumeQuota
- lxd/storage/drivers/driver/common: Remove createVolumeFromBackupInstancePostHookResize
- lxd/storage/drivers/generic/vfs: Error check Unmount in post hook from genericVFSBackupUnpack
- lxd/storage/backend/lxd: Enable allowUnsafeResize for container imports in CreateInstanceFromBackup
- lxd/init: Update for token based join
- client: Simplify User-Agent logic
- lxd/instances: Fix requestor in bulk state changes
- lxd/daemon: Add forwarded requestor to context
- lxd/operations: Support forwarded requestor
- lxd/cluster: Pass original requestor around
- lxd: Pass request around
- lxd/storage/drivers/driver/zfs/volumes: Fix bug with VM optimized import not returning filesystem volume post hook
- lxd/daemon: updateCertificateCacheFromLocal usage
- lxd/certificates: Removes unused cert arg from updateCertificateCacheFromLocal
- lxd/request: Introduce new package
- lxd: Use the new request package
- lxd/db: Add WarningProxyBridgeNetfilterNotEnabled
- lxd/warnings: Add more delete functions
- lxd/device: Warn if netfilter is disabled
- lxd/db: Add WarningNetworkStartupFailure
- lxd/network: Warn on network startup failure
- lxd: Delete warnings if network is deleted
- lxd/device/nic/bridged: Allow using IP filtering with an unmanaged parent bridge
- lxd/firewall/firewall/interface: Adds parentManaged arg to InstanceSetupBridgeFilter
- lxd/firewall/drivers/drivers/nftables: InstanceSetupBridgeFilter signature
- lxd/firewall/drivers/driver/xtables: Adds parentManaged arg to InstanceSetupBridgeFilter
- lxd/firewall/drivers/drivers/xtables: Adds parentManaged arg to generateFilterIptablesRules
- lxd/device/nic/bridged: Updates d.state.Firewall.InstanceSetupBridgeFilter usage to provide managed parent indicator
- test: Include the managed bridge in the nic counters for bridged NIC filtering
- test: Add test for unmanaged bridge IP filtering
- lxd: update instructions for compilation from a release tarball
- lxd/init: show the new default value for password authentication
- i18n: Update translation templates
- doc/networks: Use n.n.n.n rather than a real IP 1.2.3.4 for example IP in systemd-resolve command
- doc/networks: Adds guide on how to get systemd to configure systemd-resolved on lxdbr0 start up
- api: clustering_update_cert
- shared/api: Add ClusterCertificatePut
- lxd/api: Add clusterCertificatePut
- doc/rest-api: Refresh Swagger YAML
- client: Add UpdateClusterCertificate
- lxd/cluster: Add NetworkUpdateCert
- lxc/cluster: Add update-certificate
- i18n: Update translation templates
- tests: Add cluster certificate update
- doc/clustering: Add section on update-certificate
- lxd/api/project: Error improvements in projectsPost
- lxd/api/project: Comment ending consistency in projectsPost
- lxd/api/project: Prevent project names that contain underscores in projectValidateName
- lxd/api/project: Comment ending consistency in projectPost
- lxd/api/project: Error improvements in projectPost
- lxd/api/project: Validate new project name not current when renaming in projectPost
- test: Add tests for banned underscore in project names during create and rename
- main/init: Define poolType type and constants
- main/init: Updates availableStorageDrivers to use poolType type and associated constants
- lxd/main/init/auto: Updates RunAuto to use poolType and associated constants
- main/init/interactive: Updates askStoragePool to use poolType and associated constants
- lxd/main/init: Remove hard coded remote storage driver types in availableStorageDrivers
- lxd/main/init/interactive: Fix possible confusing missing storage backends error in askStoragePool
- lxd/main/init/interactive: Don't default to ceph if not available in askStoragePool
- lxd/main/init/interactive: Use validate.Optional in askClustering
- shared/validate/validate/test: Adds tests for Required and Optional
- shared/validate/validate: Remove optional check in IsOneOf
- lxd/api/project: validate.IsOneOf optional usage
- lxd/storage: validate.IsOneOf optional usage
- lxd/storage/pools/config: validate.IsOneOf optional usage
- shared/instance: validate.IsOneOf optional usage
- lxd/network: validate.IsOneOf optional usage
- lxd/network/driver/bridge: More consistent use of validate.Optional for fan.underlay_subnet
- lxd/cluster/config: Wraps images.default_architecture with validate.Optional due to IsOneOf change in IsArchitecture
- lxd/db: Add WarningOfflineClusterMember
- lxd/cluster: Add warning around heartbeat
- lxd/device/nic: Return -1 for Mtu in State() for bridged and ovn NICs if host interface not available
- shared/util: Fill Stderr in RunCommandWithFds
- shared/archive: Handle newer unsquashfs errors
- doc: fix cluster.https_address' description
- lxd/patches: Fix duplicate warnings
- forkexec: handle broken close_range() backport in openSUSE Leap 15.3
- lxc/warning: Introduce defaultWarningColumns
- lxc/warning: Hide location if not clustered
- lxd/apparmor/instance: Move instance profile generation into new function instanceProfileGenerate
- lxd/apparmor/instance: Rename InstanceParse to InstanceValidate
- lxd/instance/drivers/driver/lxc: apparmor.InstanceValidate usage
- lxd/instance/drivers/driver/qemu: Validate raw.apparmor if changed
- doc/virtual-machines: Removes statement about VMs being considered experimental
- lxd/network/driver/bridge: Surface dnsmasq specific start up errors via a warning log entry
- lxd/db/cluster: Rename "pending" to "state" in nodes table
- lxd/db: Use node's new State
- client: Only retry target addresses if initial connection fails
- shared/api: Add Project to StorageVolumeSource
- client: Support for copy/move custom storage volume between projects
- lxd/storage: Support for copy/move custom storage volume between projects
- lxd: Support for copy/move custom storage volume between projects
- lxc/storage_volume: Support for copy/move custom storage volume between projects
- api: storage_api_project
- i18n: Update translation templates
- shared/api: Support for lxc monitor --pretty operation events
- lxc: Support for lxc monitor --pretty operation events
- lxd/instance/instance/interface: Adds Error field to Info struct
- lxd/instance/drivers/driver/lxc: Info.Error initialisation
- lxd/instance/drivers/driver/qemu: Populates Info.Error
- lxd/instance/drivers/driver/qemu: Adds detection of /dev/kvm in Info()
- lxd/instance/drivers/driver/qemu: Add check for vhost_vsock in Info()
- lxd/state/state: Removes NewState function
- lxd/daemon: state.State usage
- lxd/main/init: state.State usage
- lxd/state/test: State usage
- lxd/state/state: Move Context field first
- lxd/state/state: Adds InstanceTypes field to State
- lxd/instance/drivers/load: Adds supportedInstanceTypes cache and lock and adds SupportedInstanceTypes
- lxd/instance/instance/interface: Adds Type field to Info
- lxd/instance/drivers/driver/lxc: Populates Type in Info
- lxd/instance/drivers/driver/qemu: Populates Type in Info
- lxd/instance/drivers/load: Comment improvement
- lxd/daemon: Usage of instanceDrivers.SupportedInstanceTypes() in State() and init()
- lxd/api/1.0: instanceDrivers.SupportedInstanceTypes usage in api10Get
- lxd/instance: Removes instanceDriversCacheVal and supporting functions
- lxd/instance/instance/utils: Checks requested instance type is supported in CreateInternal
- lxd/db/cluster: s/pending/state/
- lxd/patches: s/pending/state/
- lxd/include: include sys/wait.h in macro.h
- lxd/lifecycle: add lifecycle package
- lxd/lifecycle/instance/snapshot: add instance_snapshot
- lxd/lifecycle/instance/backup: add instance_backup
- test: add lifecycle package to static analysis
- lxd/events/events: change SendLifecycle to accept apt.EventLifecycle
- lxd/instance/instance/interface: add Operation
- lxd/instance/drivers/driver/common: add Operation
- lxd/instance/drivers/driver/common: fix IsStateful comment typo
- lxd/instance/drivers/driver/common: remove lifecycle function
- lxd/instance/drivers/driver/lxc: use InstanceAction for lifecycle events
- lxd/instance/drivers/driver/qemu: use InstanceAction for lifecycle events
- lxd/backup/backup/utils: remove Lifecycle
- lxd/backup/backup/instance: expose instance interface
- lxd/backup: use InstanceAction for lifecycle events
- lxd/backup/backup/instance: use InstanceAction for lifecycle events
- lxd/lifecycle/network: add network
- lxd/network/driver/common: use NetworkAction for lifecycle events
- lxd/lifecycle/instance: add InstanceExec
- lxd/instance/drivers/driver/lxc: handle Exec lifecycle events
- lxd/instance/drivers/driver/qemu: handle Exec lifecycle events
- lxd/lifecycle/instance: add InstanceConsole
- lxd/instance/drivers/driver/lxc: handle Console lifecycle events
- lxd/instance/drivers/driver/qemu: handle Console lifecycle events
- lxd/lifecycle/profile: add profile lifecycle events
- lxd/profiles: handle ProfileCreated lifecycle event
- lxd/profiles: handle ProfileUpdated lifecycle event
- lxd/profiles: handle ProfileRenamed lifecycle event
- lxd/device/proxy: Don't write out pid file until process has started OK
- lxd/instance/drivers/driver/lxc: Adds onStopOperationSetup function
- lxd/instance/drivers/driver/lxc: Call d.onStopOperationSetup from onStopNS
- lxd/instance/drivers/driver/lxc: Call d.onStopOperationSetup from onStop
- lxd/instance/drivers/driver/lxc: Move IsRunning to before creating start operation lock
- lxd/instance/drivers/driver/common: Move onStopOperationSetup from lxc driver and make generic
- lxd/instance/drivers/driver/lxc: Make Start, Stop and Shutdown locking and logging consistent with qemu driver
- lxd/instance/drivers/driver/qemu: Switch to d.onStopOperationSetup in onStop
- lxd/instance/drivers/driver/qemu: Increase onStop wait timeout to 5 minutes
- lxd/instance/drivers/driver/qemu: Comment consistency with lxc driver in Start
- lxd/profiles: handle ProfileDeleted lifecycle event
- lxd/lifecycle/instance/backup: add InstanceBackupRetrieved
- lxd/instance/backup: handle InstanceBackupRetrieved lifecycle event
- lxc/alias: workaround for subcommand errors
- lxc/config: workaround for subcommand errors
- lxc/config/metadata: workaround for subcommand errors
- lxc/config/trust: workaround for subcommand errors
- lxc/config/device: workaround for subcommand errors
- lxc/config/template: workaround for subcommand errors
- lxc/cluster: workaround for subcommand errors
- lxc/image: workaround for subcommand errors
- lxc/image/alias: workaround for subcommand errors
- lxc/network: workaround for subcommand errors
- lxc/network/acl: workaround for subcommand errors
- lxc/operation: workaround for subcommand errors
- lxc/project: workaround for subcommand errors
- lxc/warning: workaround for subcommand errors
- lxc/file: workaround for subcommand errors
- lxc/remote: workaround for subcommand errors
- lxc/profile: workaround for subcommand errors
- lxc/storage: workaround for subcommand errors
- lxc/storage/volume: workaround for subcommand errors
- lxd/main/cluster: workaround for subcommand errors
- lxd/main/forkuevent: workaround for subcommand errors
- lxd/main/forkmount: workaround for subcommand errors
- lxd/main/forkfile: workaround for subcommand errors
- lxd/main/forknet: workaround for subcommand errors
- lxd/db/generate/root: workaround for subcommand errors
- lxd/db/generate/db: workaround for subcommand errors
- lxd/firewall/drivers/drivers/xtables: Don't use ebtables --concurrent flag
- lxd/lifecycle/project: add project lifecycle events
- lxd/api/project: handle ProjectCreated lifecycle event
- lxd/api/project: handle ProjectUpdated lifecycle event
- lxd/api/project: handle ProjectRenamed lifecycle event
- lxd/api/project: handle ProjectDeleted lifecycle event
- lifecycle/instance: add InstanceFileRetrieved
- lifecycle/instance: add InstanceFilePushed
- lxd/instance: Fix error message
- lxd/instance/drivers/driver/common: Improve error logging in restartCommon
- lxd/instance/operationlock: Close chanDone after deleting operation from map in Done
- lxd/instance/drivers/driver/qemu: Don't fully regenerate config driver on start in generateConfigShare
- lxd/instance/drivers/driver/qemu: Remove config drive template files dir and regenerate
- doc/index.md: Update CGO_LDFLAGS_ALLOW
- lifecycle/instance: add InstanceFileDeleted
- lxd/instance/drivers/driver/qemu: handle InstanceFileRetrieved lifecycle event
- lxd/instance/drivers/driver/qemu: handle InstanceFilePushed lifecycle event
- lxd/instance/drivers/driver/qemu: handle InstanceFileDeleted lifecycle event
- lxd/instance/drivers/driver/lxc: handle InstanceFileRetrieved lifecycle event
- lxd/instance/drivers/driver/lxc: handle InstanceFilePushed lifecycle event
- lxd/instance/drivers/driver/lxc: handle InstanceFileDeleted lifecycle event
- Makefile: Set CGO_LDFLAGS_ALLOW
- lxd/endpoints: Deal with nil listener
- lxd/instance: Fix snapshot etag
- lxd/api/project: use nil for lifecycle event context
- lxd/api/project: use consistent renamed lifecycle event context field names
- lxd/api/project: remove redundant new_name from lifecycle context
- lxd/profiles: use nil for lifecycle event context
- lxd/profiles: use consistent renamed lifecycle event context field names
- lxd/profiles: remove redundant new_name from lifecycle context
- lxd/request/request: add CreateRequestor
- lxd/operations/operations: use CreateRequestor to create lifecycle requestor
- lxd/lifecycle/network: accept api.EventLifecycleRequestor as parameter
- lxd/lifecycle/project: accept api.EventLifecycleRequestor as parameter
- lxd/lifecycle/profile: accept api.EventLifecycleRequestor as parameter
- lxd/api/project: create requestor for lifecycle event
- lxd/profiles: create requestor for lifecycle event
- lxd/network/driver/common: remove create function and references
- lxd/network/driver/bridge: remove create references
- lxd/network/driver/ovn: remove create references
- lxd/network/driver/physical: remove create references
- lxd/network/driver/common: remove lifecycle event handling
- lxd/networks: use clusterRequest alias for lxd/cluster/request package
- lxd/networks: add network lifecycle event handling with requestor
- Revert "client: Only retry target addresses if initial connection fails"
- lxd/lifecycle/profile: fix incorrect comments
- lxd/lifecycle/project: fix incorrect comments
- lxd/storage: Handled nil config map
- Makefile: Tweak quoting
- lxd/instances: Retry on autostart failure
- lxd/warnings: Add instance autostart failure
- lxd/instances: Create persistent warning
- lxd/instances: Rework instancesRestart
- lxd/lifecycle/storage/pool: add storage_pool
- lxd/storage/pools: use clusterRequest alias for lxd/cluster/request package
- lxd/storage/pools: handle StoragePoolCreated lifecycle event
- lxd/storage/pools: handle StoragePoolUpdated lifecycle event
- lxd/storage/pools: handle StoragePoolDeleted lifecycle event
- lxd/lifecycle/image: add image
- lxd/lifecycle/image/alias: add image_alias
- lxd/images: handle ImageCreated lifecycle event
- lxd/daemon/images: handle ImageCreated lifecycle event
- lxd/images: handle ImageDeleted lifecycle event
- lxd/images: handle ImageUpdated lifecycle event
- lxd/images: handle ImageAliasCreated lifecycle event
- lxd/images: handle ImageAliasDeleted lifecycle event
- lxd/images: handle ImageAliasUpdated lifecycle event
- lxd/images: handle ImageAliasRenamed lifecycle event
- lxd/images: handle ImageRetrieved lifecycle event
- lxd/images: handle ImageRefreshed lifecycle event
- lxd/images: handle ImageSecretCreated lifecycle event
- lxd/images: add swagger comment for imageAliasDelete
- doc/rest-api: Refresh Swagger YAML
- lxd/instance: Fix instance volume DB entry on copy
- lxd/main_init_interactive: only ask for server host name when no joining token was provided
- lxd/lifecycle/cluster: add cluster
- lxd/lifecycle/cluster/member: add cluster member
- lxd/api/cluster: use clusterRequest alias for lxd/cluster/request package
- lxd/api/cluster: handle ClusterEnabled lifecycle event
- lxd/api/cluster: handle ClusterDisabled lifecycle event
- lxd/api/cluster: handle ClusterTokenCreated lifecycle event
- lxd/api/cluster: handle ClusterCertificateUpdated lifecycle event
- lxd/api/cluster: handle ClusterMemberAdded lifecycle event
- lxd/api/cluster: handle ClusterMemberUpdated lifecycle event
- lxd/api/cluster: handle ClusterMemberRenamed lifecycle event
- lxd/api/cluster: handle ClusterMemberRemoved lifecycle event
- lxd/instances: Fixes potential crash in instancesRestart and improves logging
- client/util: Updates remoteOperationError to accept slice of remoteOperationResult
- client: remoteOperationError usage
- shared/network: RFC3493Dialer spacing
- shared: Moves lxd/cluster/isClientConnectionError to shared.IsConnectionError
- client/lxd/instance: Only try remote operation on different URL on connection error
- lxd/instance/drivers/driver/common: Adds isStartableStatusCode function
- lxd/instance/drivers/driver/lxc: Switch to d.isStartableStatusCode in Start()
- lxd/instance/drivers/driver/qemu: Switch to isStartableStatusCode in Start()
- lxd/instance/drivers/driver/qemu: If QMP socket not responding and QEMU process still exists then return Error status code
- lxd/ip: Support for 'bridge' and 'ip link show' commands
- lxd/ip: Support for 'tc' command
- lxd/device: Use ip package instead of 'tc' command
- lxd/device: Use ip package instead of 'bridge' command
- lxd/device: Use ip package instead of 'ip link' command
- lxd/instance/drivers/driver/common: Adds instanceInitiated return boolean to onStopOperationSetup
- lxd/instance/drivers/driver/lxc: Fix lifecycle shutdown event in onStop
- lxd/instance/drivers/driver/qemu: Fix lifecycle shutdown event in onStop
- lxd/instance/drivers/driver/lxc: Detect error status in Shutdown and return appropriate error
- lxd/instance/drivers/driver/qemu: Detect error status in Shutdown and return appropriate error
- lxd/instance/drivers/driver/qemu: Detect error status in Stop and forcefully kill qemu process if exists
- lxd/instance/drivers/driver/qemu: Handle internal-error status from QEMU
- lxd/instance/drivers/driver/qemu: Remove hung term from statusCode
- lxd/instance/drivers/driver/lxc: Remove hung term from getLxcState
- lxd/device/nic/bridged: Apply managed network validation checks when parent is set to a managed network
- lxd/daemon: Warn if warnings cannot be created/resolved
- test/suites/clustering: Fix tests to expect that creating container connected to pending network is forbidden
- tests: Update bridged NIC filtering tests to account for validation being improved
- lxd/device/nic/bridged: Allow use of static IPs with managed network that has DHCP disabled if IP filtering is in use
- lxd/device/nic/bridged: Ensure static IPs are specified when using IP filtering on unmanaged parent bridge
- lxd/db/warnings: Improve context in warning unknown entity errors
- lxd/instance/drivers/driver/qemu: Adds pidWait function
- lxd/instance/drivers/driver/qemu: Improve killQemuProcess to clarify its behaviour
- lxd/db/warnings: Don't fail on failure to generate entity URL in ToAPI
- lxd/db/instances: Adds InstanceFilterAllInstances function
- lxd/db/entity: Use InstanceFilterAllInstances in GetURIFromEntity
- lxd/db/instances/test: Updates tests with db.InstanceFilterAllInstances
- lxd/db/warnings: Improve error in UpsertWarning
- lxd/db/warnings: Add DeleteWarningsByEntity function
- lxd/device/nic/bridged: Improve error for specifying static IP when DHCP disabled
- lxd/device/nic/bridged: Add checks to validateConfig for existing NICs with same IPs specified
- lxd/instance/drivers/driver/common: Adds warningsDelete function
- lxd/instance/drivers: Delete instance related persistent warnings on instance delete
- lxd/operations/operations: add SetRequestor
- lxd/lifecycle/storage/volume: add storage_volume
- lxd/storage/drivers/volume: add Pool
- lxd/storage/volumes: use empty operation with SetRequestor instead of nil
- lxd/networks: Add DNS record for gateway
- lxd/storage/backend/lxd: handle StorageVolumeCreated lifecycle event
- lxd/storage/backend/lxd: handle StorageVolumeUpdated lifecycle event
- lxd/storage/backend/lxd: handle StorageVolumeDeleted lifecycle event
- lxd/storage/backend/lxd: handle StorageVolumeRenamed lifecycle event
- lxd/storage/backend/lxd: handle StorageVolumeRestored lifecycle event
- lxd/lifecycle/storage/volume/snapshot: add storage_volume_snapshot
- lxd/storage/volumes/snapshot: use empty operation with SetRequestor instead of nil
- lxd/storage/backend/lxd: handle StorageVolumeSnapshotCreated lifecycle event
- lxd/storage/backend/lxd: handle StorageVolumeSnapshotRenamed lifecycle event
- lxd/storage/backend/lxd: handle StorageVolumeSnapshotDeleted lifecycle event
- lxd/storage/backend/lxd: handle StorageVolumeSnapshotUpdated lifecycle event
- lxd/lifecycle/storage/volume/backup: add storage_volume_backup
- lxd/storage/volumes/backup: handle StorageVolumeBackupCreated lifecycle event
- lxd/storage/volumes/backup: handle StorageVolumeBackupRenamed lifecycle event
- lxd/storage/volumes/backup: handle StorageVolumeBackupDeleted lifecycle event
- lxd/storage/volumes/backup: handle StorageVolumeBackupRetrieved lifecycle event
- lxd/device/nic/bridged: Improve performance of duplicate IP check in validateConfig
- test: Adds tests for duplicate static DHCP assignment
- lxd/device/nic/bridged: Check for duplicate MAC address in validateConfig
- test: Add tests for duplicate MAC address assignment for bridged NICs
- test: fix copy and paste error in duplicate static DHCP assignment
- lxd/main/cluster: fix the link in the "recover-from-quorum-loss" prompt
- lxd/network/network/utils/sriov: Add mutex to SRIOVFindFreeVirtualFunction to prevent concurrent start races
- doc: sort sysctl parameters
- doc: /proc/sched_debug normal mode is 444 so make it 400
- api: Adds server_instance_driver_operational extension
- doc/production-setup: ulimits tuning doesn't apply to snap users
- api: Adds server_supported_storage_drivers extension
- shared/api/server: Adds ServerStorageDriverInfo and adds StorageSupportedDrivers field to ServerEnvironment
- doc/rest-api: Refresh swagger YAML
- lxd/storage: Populates supported storage drivers cache var
- lxd/api/1.0: Updates readStoragePoolDriversCache usage and populates env.StorageSupportedDrivers
- lxd/main/init: Use server Environment for supported storage drivers
- lxd/lifecycle/network/acl: add network_acl
- lxd/network/acls: use clusterRequest alias for lxd/cluster/request package
- lxd/lifecycle/certificate: add certificate
- lxd/certificates: use clusterRequest alias for lxd/cluster/request package
- lxd/certificates: handle CertificateCreated lifecycle event
- lxd/certificates: handle CertificateUpdated lifecycle event
- lxd/certificates: handle CertificateDeleted lifecycle event
- lxd/lifecycle/config: add config
- lxd/api/1.0: handle ConfigUpdated lifecycle event
- lxd/lifecycle/warning: add warning
- lxd/warnings: handle WarningAcknowledged and WarningReset lifecycle event
- lxd/warnings: handle WarningDeleted lifecycle event
- lxd/lifecycle/instance/log: add instance_log
- lxd/instance/logs: handle InstanceLogRetrieved lifecycle event
- lxd/instance/logs: handle InstanceLogDeleted lifecycle event
- lxd/lifecycle/instance/metadata: add instance_metadata
- lxd/lifecycle/instance/metadata/template: add instance_metadata_template
- lxd/instance/metadata: handle InstanceMetadataRetrieved lifecycle event
- lxd/instance/metadata: handle InstanceMetadataUpdated lifecycle event
- lxd/instance/metadata: handle InstanceMetadataTemplateRetrieved lifecycle event
- lxd/instance/metadata: handle InstanceMetadataTemplateCreated lifecycle event
- lxd/instance/metadata: handle InstanceMetadataTemplateDeleted lifecycle event
- lxd/network/acls: handle NetworkACLCreated lifecycle event
- lxd/network/acls: handle NetworkACLDeleted lifecycle event
- lxd/network/acls: handle NetworkACLUpdated lifecycle event
- lxd/network/acls: handle NetworkACLRenamed lifecycle event
- lxd/lifecycle/operation: add operation
- lxd/operations: handle OperationCancelled lifecycle event
- lxd/lifecycle/instance: add InstanceConsoleRetrieved and InstanceConsoleReset lifecycle events
- lxd/instance/drivers/driver/lxc: handle InstanceConsoleReset and InstanceConsoleRetrieved lifecycle events
- i18n: Update translations from weblate
- docs/api-extensions: Fix typo
- lxd/api/cluster: use 'members' as name for ClusterTokenCreated lifecycle event
- lxd/lifecycle/certificate: include object in source for created lifecycle events
- lxd/lifecycle/network/acl: include object in source for created lifecycle events
- doc: add events.md
### 試用環境
この新しい LXD リリースは私たちの デモサービス で利用できます。
ダウンロード ¶
このリリースの tarball は ダウンロードページ から取得できます。
ビルド済みバイナリーは次のように使えます:
- Linux: snap install lxd
- MacOS: brew install lxc
- Windows: choco install lxc
LXC/LXD/LXCFS 2.0 - End of Life のお知らせ¶
14th of June 2021
はじめに ¶
2.0 LTS ブランチがサポート終了(End of Life)をむかえました。
これは次のプロジェクトに影響します:
- LXC 2.0(2016 年 4 月 6 日リリース)
- LXCFS 2.0(2016 年 3 月 31 日リリース)
- LXD 2.0(2016 年 4 月 11 日リリース)
5年以上にわたるバグフィックスとセキュリティメンテナンスを経て、これらのリリースはサポート期間が終了しました。
具体的には、これは新規リリースは今後行わず、対象の stable ブランチをクローズし、関連する CI を無効化します。
まだ対象のプロダクトをご利用のユーザーは、できるだけ早くサポートされているリリースへアップデートしてください。
長期サポートリリース ¶
開発元は LTS ブランチの 5 年間のサポートをコミットしています。 LTS ブランチは LXC、LXCFS、LXD に存在し、バグフィックスやセキュリティフィックスがバックポートされます。
LTS ブランチには新しい機能は追加されません。そして、最新の LTS ブランチにのみ、大部分のバグフィックスがバックポートされます。新しい LTS ブランチがリリースされると、その前の LTS ブランチにはセキュリティと重要なバグフィックスのみが適用されます。
サポート中のリリース ¶
現在サポート中の LTS リリースは 2 つあります。2023 年 6 月までサポートされる 3.0 リリースと、2025 年 6 月までサポートされる 4.0 です。
さらに、いくつかのプロジェクト(現在は LXD)では、もっと頻繁な機能(feature)リリースが行われます。このようなリリースは、長期的なサポートはなく、通常は次の機能リリースがリリースされるまでしかサポートされません。
LXD 4.15 リリースのお知らせ ¶
4th of June 2021
はじめに ¶
LXD チームは LXD 4.15 のリリースをお知らせできることにとてもワクワクしています!
このリリースは、ほぼすべての人に対する新機能が含まれたエキサイティングなリリースです。 そのトップを飾る機能は間違いなく LXD の仮想マシンでネットワークインターフェースをホットアド・削除(動的に追加・削除)する機能です。これにより仮想マシンの使用感がコンテナの使用感により近づきます。 他に、様々なコマンドライン、監査機能、クラスター機能も改良されています。
Enjoy!
新機能とハイライト ¶
VM でのネットワークインターフェースのホットプラグ ¶
実行中の仮想マシンに、最大で 4 つまでのネットワークインターフェースが追加できるようになりました。 また、既存のネットワークインターフェースを実行中の仮想マシンから削除することもできます。
この機能は PCI ホットプラグ機能に依存していますので、ゲスト OS が適切にそれを処理する必要があります。
シャットダウンのタイムアウトが設定可能に ¶
新たな設定 core.shutdown_timeout は、LXD がシャットダウンを指示されたときに、既存の操作の完了を待つ時間を何分にするかが制御します。
この設定で、5 分というデフォルト値を上書きできます。長く実行されているlxc exec セッションを中断することが問題にならない環境では、この時間を短くしたり、LXD が終了する前に、すべての既存の操作を完了させたいような環境では、この時間を長くしたりできます。
新しい永続的な警告(時間のずれ、AppArmor、virtiofs) ¶
LXD 4.14 で導入した警告 API に、さらに警告を追加しました。
追加したのは:
- (ハートビートを通して行う)クラスターの時刻のずれの検出
- AppArmor サポートの不足や破損
- virtiofs サポートの不足や破損
新しい警告は適切なときに lxc warning list で表示されます。そして lxc warning ack で確認済みにできます。警告はその警告の原因がなくなったときもクリアされます(例えば時刻のずれがあるシステム上で NTP を実行した後など)。
/dev/lxd API の Location フィールド ¶
/dev/lxd API にアクセスできるゲストは、LXD クラスター上で実行されているとき、どのサーバー上で実行されているかを知ることができるようになりました。これは、ピアが同じホスト上で動作しているかどうか(つまり同時にダウンする可能性があるかどうか)がわかるようになり、インスタンス内で高可用性サービスを設定するのに役立ちます。
root@shell01:~# curl -s --unix-socket /dev/lxd/sock lxd/1.0 | jq .location "abydos"
lxc config trust list コマンドの新たな type と name カラム ¶
LXD 4.14 で証明書タイプとして server が追加されたのを受けて、証明書ごとにカスタマイズ可能な名前とタイプを表示できるように lxc config trust list の出力の再実装を行いました。
stgraber@castiana:~$ lxc config trust list +--------+--------------------+----------------+--------------+------------------------------+------------------------------+ | TYPE | NAME | COMMON NAME | FINGERPRINT | ISSUE DATE | EXPIRY DATE | +--------+--------------------+----------------+--------------+------------------------------+------------------------------+ | client | nsec-ansible01 | root@ansible01 | f256b2ab81a0 | Mar 21, 2021 at 6:50pm (UTC) | Mar 19, 2031 at 6:50pm (UTC) | +--------+--------------------+----------------+--------------+------------------------------+------------------------------+ | client | stgraber-ansible01 | root@ansible01 | 58ea2754fe55 | Dec 16, 2020 at 3:07am (UTC) | Dec 14, 2030 at 3:07am (UTC) | +--------+--------------------+----------------+--------------+------------------------------+------------------------------+ | server | abydos | root@abydos | 1a9ab6d52b76 | Dec 14, 2020 at 5:58pm (UTC) | Dec 12, 2030 at 5:58pm (UTC) | +--------+--------------------+----------------+--------------+------------------------------+------------------------------+ | server | langara | root@langara | e3e4701ef455 | Dec 14, 2020 at 5:58pm (UTC) | Dec 12, 2030 at 5:58pm (UTC) | +--------+--------------------+----------------+--------------+------------------------------+------------------------------+ | server | orilla | root@orilla | d015dc8484da | Dec 14, 2020 at 5:58pm (UTC) | Dec 12, 2030 at 5:58pm (UTC) | +--------+--------------------+----------------+--------------+------------------------------+------------------------------+
データベースのスタンバイサーバーとして動作しているクラスターメンバーが確認可能に ¶
LXD クラスターでは、最初の 3 つのサーバーがデータベースサーバーとして動作します。そして、その次の 2 つがスタンバイデータベースサーバーとして動作し、残りのサーバーはクライアントとしてだけ動作します。そしてマシンの増減に応じてクラスター内で動的に役割を切り替えます。
この動きは変わっていませんが、どのサーバーがスタンバイデータベースサーバーであるかを知ることができるようになりました。
データーベースに参加しているサーバーはすべて、lxc cluster list で database フラグが YES に設定され、lxc cluster show を実行すると、ロールリストに database または database-standby のいずれかが表示されるようになりました。
lxc monitor --pretty がライフサイクルイベントをサポートしました ¶
すでに --type=logging でサポートされていたのと同様に、lxc monitor --type=lifecycle のコンパクトバージョンが --pretty フラグで利用できるようになりました。
stgraber@castiana:~$ lxc monitor --type=lifecycle --pretty INFO[06-04|13:34:46] Action: instance-restarted, Source: /1.0/instances/redoc
lxc publish への新しい --expire フラグの追加 ¶
lxc publish で、新たにタイムスタンプを使った --expire フラグが使えるようになりました。
このフラグは、インスタンスのイメージメタデータに既に存在する有効期限を上書きするために使います。
Requestor がライフサイクルイベントをを記録するようになりました ¶
ライフサイクルイベントが新たに requestor セクションを持つようになりました。ここで、プロトコルと、アクションを実行したユーザー情報が提供されるようになりました。
location: none
metadata:
action: instance-restarted
requestor:
protocol: unix
username: stgraber
source: /1.0/instances/redoc
timestamp: "2021-06-04T13:33:05.33764627-04:00"
type: lifecycle
メインの API エンドポイントでのプロキシーヘッダーのサポート ¶
新たな設定オプション core.https_trusted_proxy が追加されました。この設定には、LXD API のフロントに存在するリバースプロキシーサーバーを、カンマ区切りの IP アドレスのリストとして設定できます。
これにより、LXD クラスターの前面に HAProxy のようなプロキシーサーバーを置くことができるようになり、LXD のログでクライアントの IP アドレスが確認できるようにしたまま、クラスター全体にリクエストを送出できるようになります。
REST API がすべて swagger でカバーされるようになりました ¶
REST API 全体へのメタデータの追加が完了しました。従来のマークダウン形式の API ドキュメントを廃止し、Swagger 仕様へ変更しました。
そのドキュメントはこちらにあります: https://linuxcontainers.org/lxd/api/master/
すべての変更点(翻訳なし)¶
このリリースでの完全な変更点のリストは次の通りです:
- lxd/main/init/interactive: Clear config.Cluster.ClusterPassword after setting up trust
- lxc/config_trust: Add type and name columns
- [Doc] fix description of PATCH warning in rest-api.md
- tests: Update for trust list change
- i18n: Update translation templates
- [Doc] Fix remove duplicated sentences in doc/network-acls.md
- lxd/images: Improve logging
- lxd/api/1/0: Whitespace
- lxd/api/1/0: Update d.gateway.HeartbeatOfflineThreshold when cluster.offline_threshold is changed
- lxd/cluster/config: Add minThreshold to offlineThresholdValidator
- lxd/cluster/gateway: Add HeartbeatOfflineThreshold var
- lxd/cluster/heartbeat: Improve logging and errors in HeartbeatNode
- lxd/cluster/heartbeat: Actually use taskCtx in HeartbeatNode for HTTP request base
- lxd/cluster/heartbeat: Don't re-run Update as this throws away discovered node liveness times
- lxd/cluster/heartbeat: tx.SetNodeHeartbeat to actual last heartbeat time
- lxd/cluster/heartbeat: Update Send to support dynamic spread duration
- lxd/cluster/heartbeat: Adds heartbeatInterval function
- lxd/cluster/heartbeat: Updates HeartbeatTask to use gateway.heartbeatInterval
- lxd/cluster/heartbeat: Removes heartbeatInterval constant
- lxd/cluster/heartbeat: Updates heartbeat to use interval derived from offline threshold
- lxd/daemon: Populate d.gateway.HeartbeatOfflineThreshold on init
- lxd/daemon: Adds taskClusterHeartbeat var and populates it
- lxd/cluster/heartbeat: Logging improvements
- lxc: Update interactive editor fail message to indicate ctrl+c can be used to abort change
- i18n: Update translation templates
- shared/api: Add swagger metadata for instance backups
- lxd/instances: Swagger for backups
- lxd: Support for reading cluster certificate from file
- doc: cluster_certificate_path documentation
- shared/api: Add swagger metadata for image metadata
- lxd/instances: Swagger for instance metadata
- doc/rest-api: Refresh swagger YAML
- lxd/images: Fix typo in swagger
- lxd/network/openvswitch: Adds shared unquote function
- lxd/network/openvswitch: Replace strconv.Unquote with unquote
- lxd/network/driver/bridge: Reuse consistent bridgeLink var rather than keep creating new vars
- lxd/network/driver/bridge: Bring up vxlan tunnel link
- lxd/network/driver/bridge: Use clearer naming for different link types
- lxd/network/driver/bridge: Don't use Link suffix for var names that don't represent links
- lxd/instances: Unmount shiftfs on startup failures
- lxd/cluster: Add core.shutdown_timeout
- lxd/api/cluster: Check if LXD closing down in rebalanceMemberRoles
- lxd/api/cluster: Call rebalanceMemberRoles from internalClusterRaftNodeDelete
- lxd/cluster/gateway: Logging improvements
- lxd/daemon: Logging improvements
- lxd/images: Logging improvements
- shared/api: Add swagger metadata for instances
- lxd/instances: Swagger for instances
- doc/rest-api: Refresh swagger YAML
- lxd/cluster/gateway: Add heartbeatCancelLock and heartbeatCancel vars
- lxd/cluster/heartbeat: Introduces heartbeatMode type and constants for heartbeat modes
- lxd/cluster/heartbeat: Updates heartbeat to accept mode argument
- lxd/cluster/heartbeat: Make end of heartbeat log message include local address for clarity
- lxd/cluster/heartbeat: Adds heartbeatRestart function
- lxd/cluster: g.heartbeat() usage
- lxd/cluster/gateway: Call g.heartbeatRestart from HandlerFuncs when handling a heartbeat
- lxd/cluster/heartbeat/test: Fixes TestHeartbeat so that it waits for join notification heartbeats to occur
- lxd/daemon/images: imageDownloadLock typo
- lxd: Support for core.shotdown_timeout
- doc: Add core.shutdown_timeout
- lxd/storage/ceph: Always return VolumeUsage
- doc/production-setup: Cover name leakage
- lxd/apparmor/instance: Deref OVMF path
- lxd/device/pci: Adds DeviceIOMMUGroup function
- lxd/device/nic/physical: Pass pciIOMMUGroup number to VM driver
- lxd/device/nic/sriov: Pass pciIOMMUGroup number to VM driver
- lxd/instance/drivers/qmp/commands: Adds AddNIC function
- lxd/instance/drivers/driver/qemu: Adds one missing op.Done call and removes 2 unnecessary ones
- lxd/instance/drivers/driver/qemu/templates: Correct comment on qemuPCIPhysical
- lxd/instance/drivers/driver/qemu/templates: Remove NIC specific templates
- lxd/instance/drivers/driver/qemu: Remove -chroot flag usage
- lxd/instance/drivers/driver/qemu: Converts NICs to be added via QMP rather than static config
- lxd/instance/drivers/driver/qemu: Remove old pid file on start if exists
- lxd/cluster/heartbeat: Fix heartbeatInterval()
- lxd/instance/qemu: queues is uint64
- lxd: Support for location in devlxd api
- lxd/instance/qemu: Support for location in writeInstanceData
- lxd-agent: Support for location in devlxd api
- lxd/instance/qemu: Support for security.devlxd default (true) value
- doc/environment: Documents LXD_CONF and LXD_GLOBAL_CONF env vars
- lxd/ip/link: MTU is an acronym and so should be uppercased in SetMtu function name
- lxd/ip/link: Renames Mtu field to MTU as it is an acronym
- lxd/device/device/utils/network: SetMTU usage
- lxd/network/network/utils: Removes InterfaceSetMTU
- lxd/network/network/utils: Adds InterfaceStatus function
- lxd/device/infiniband/physical: SetMTU usage
- lxd/device/infiniband/sriov: SetMTU usage
- lxd/device/nic/macvlan: SetMTU usage
- lxd/device/nic/physical: SetMTU usage
- lxd/device/nic/sriov: SetMTU usage
- lxd/network/driver/ovn: SetMTU usage
- lxd/network/driver/bridge: SetMTU usage
- lxd/network/network/utils/sriov: Updates sriovGetFreeVFInterface to use InterfaceStatus
- lxd/network/driver/physical: SetMTU usage
- lxd/network/driver/physical: Check that physical parent interface has no global unicast IPs configured on it before starting
- lxd/network/driver/ovn: Updates startUplinkPortPhysical to check uplink has no global unicast IPs configured
- lxd/instance/drivers/driver/qemu: Don't set multifunction=off as this upsets ccw driver
- lxd/instances/get: Renames doContainersGet to doInstancesGet
- lxd/instances/get: Remove some of the container specific terminology in doInstancesGet
- lxd/instances/get: Remove potential source of nil pointer dereference panic in doInstancesGet
- lxd/instance: Don't use RawOperation
- lxd/operations: Remove code duplication
- lxd/operations: Close forwarded websocket
- shared/network: Fix channel handling in WebsocketProxy
- client: Update for WebsocketProxy change
- lxd/instance/drivers/qmp/commands: Adds Reset function
- lxd/instance/drivers/driver/qemu: Updates getMonitorEventHandler to handle guest RESET events
- lxd/instance/drivers/driver/qemu: Workaround QEMU bug that prevents QMP added devices from using their bootindex setting
- lxc: Use consistent messaging when offering to respawn interactive editor
- i18n: Update translation templates
- lxd/operations: Spacing
- lxd/operations: Fix bug in operationsGet and operationsGetByType that was overwriting list entries with loop iterator pointer
- lxc/cluster: Always use default project in list-tokens command
- lxd/db: Expose database stand-by role on cluster members
- lxd/main/init/interactive: Don't attempt to connect to all join token candidates
- lxd/operations/operations: Use structured logging in Cancel
- lxd/images: Include operation ID in error in imageValidSecret
- lxd/certificates: Include operation ID in error in clusterMemberJoinTokenValid
- lxd/api/cluster: Delete any existing join token operation for potential member in clusterNodesPost
- shared/subprocess/proc: Add exit code to error message
- lxd/images: Maintain image public indicator when copying to member in imageSyncBetweenNodes
- lxd/images: Improve logging in imageSyncBetweenNodes
- lxd/images: Improve error message in imageSyncBetweenNodes
- lxd/daemon/images: Adds ImageDownloadArgs type
- lxd/daemon/images: Updates ImageDownload to accept ImageDownloadArgs argument
- lxd/images: Updates imgPostRemoteInfo to use d.ImageDownload
- lxd/images: Updates imgPostURLInfo to use d.ImageDownload
- lxd/images: Improves error message in imagesPost
- lxd/images: Updates autoUpdateImage to use d.ImageDownload
- lxd/instances/post: Updates createFromImage to use ImageDownload
- lxd/images: Don't generate args for every member in imageSyncBetweenNodes
- shared/subprocess/proc: Adds context support to Wait
- lxd/instance/drivers/qemu: p.Wait() usage
- lxd/network/driver/bridge: Check dnsmasq process remains running after being started
- shared/subprocess: Fix tests to use p.Wait() with context
- tests: Support for database stand-by role on cluster members
- lxd/instance/drivers/qmp/commands: Improve comment on SendFile to aid searchability
- lxd/instance/drivers/driver/qemu: Only add bootindex if bootIndexes is non-empty
- lxd/instance/drivers/driver/qemu: bus name is populated later so these lines do nothing
- lxd/instance/drivers/driver/qemu: Switch to using monitor.SendFile to pass macvlan file descriptor to QEMU
- lxd/instance/drivers/driver/qemu: Updates addNetDevConfig to remove unused args and allow preconfiguring of port to be used
- lxd: Move ResolveWarningsByNodeAndType to separate package
- lxd/db: Add time skew warning type
- README: Update IRC
- lxd/cluster: Add cluster time skew warning
- lxd-agent/main/agent: Log when rebooting
- lxd-agent/main/agent: Mount shares after vsock listener
- lxd/device/disk: VM directory share improvements
- lxd/instance/drivers/driver/qemu/templates: Always use virtfs-proxy-helper for 9p disk directory shares
- lxd/instance/drivers/driver/qemu: Return consistent error in setupNvram for missing EFI firmware file
- lxd/instance/drivers/driver/qemu: Log where lxd-agent is being installed from in generateConfigShare
- lxd/instance/drivers/driver/qemy: Always use virtfs-proxy-helper for 9p directory shares
- lxd/device/disk: Populate readonly mount option even for block device type disks
- lxd/instance/drivers/driver/qemu: Convert readonly mount option to readonly template boolean in addDriveConfig
- lxd/instance/drivers/driver/qemu/templates: Add support for readonly block device disks
- lxd/instance/drivers/driver/lxc: Add revert to deviceStart
- lxd/instance/drivers/driver/lxc: Add revert to updateDevices
- lxd/instance/drivers/driver/qemu: Add revert to updateDevices
- lxd/instance/drivers/qmp/commands: Adds revert to AddNIC
- lxd/device/disk: Add DiskVirtiofsdSockMountOpt constant
- lxd/device/disk: Add vmVirtfsProxyHelperPaths and vmVirtiofsdPaths functions
- lxd/device/disk: Update startVM to use d.vmVirtiofsdPaths and d.vmVirtfsProxyHelperPaths
- lxd/device/disk: Comment improvement in startVM
- lxd/device/disk: Check virtfs-proxy-helper has bound successfully in startVM
- lxd/device/disk: d.vmVirtiofsdPaths and d.vmVirtfsProxyHelperPaths usage in stopVM
- lxd/instance/drivers/driver/qemu: Update addDriveDirConfig to handle getting virtiofsd socket path from disk device mount options
- lxd/instance/drivers/driver/qemu: Improve comments in addDriveDirConfig
- lxd/instance/drivers/driver/qemu: Ensure bootindex is generated in a stable manner in deviceBootPriorities
- shared/api: Support for lxc monitor --pretty lifecycle events
- lxc: Support for lxc monitor --pretty lifecycle events
- lxd: Move warning creation to the end of init()
- lxd/db: Add WarningAppArmorNotAvailable
- lxd/sys: Have OS.Init() return warnings
- lxd/sys: Add AppArmor warning
- lxd/device/errors: Add UnsupportedError type and update ErrUnsupportedDevType to use it
- lxd/device/device/utils/disk: Add DiskVMVirtiofsdStart and DiskVMVirtiofsdStop functions
- lxd/device/disk: Remove unnecessary log context field in startVM
- lxd/device/disk: Switch to using DiskVMVirtiofsdStart and DiskVMVirtiofsdStop functions for virtiofsd management
- lxd/instance/drivers/driver/qemu: Switch to using device.DiskVMVirtiofsdStart and device.DiskVMVirtiofsdStop for config drive virtiofsd management
- lxd/instance/drivers/driver/qemu: Add comment about 9p vs virtio-fs config drive shares in generateQemuConfigFile
- lxd/instance/drivers/driver/qemu: Clean up comments in removeDiskDevices and removeUnixDevices
- lxd/apparmor/instance/qemu: Allow rw access to instance devicesPath
- lxd/apparmor/instance/qemu: Make the difference between external device paths and devices in the instance devices path clearer
- lxd/instance/qemu: Remove duplicate key
- lxd/apparmor/instance: Switch to externalDevPaths template var
- lxd/apparmor/instance: Populate VM devicesPath var
- lxd/instance/drivers/driver/qemu: Don't add config disk path in the instance's devices directory to the external devPaths var
- lxc/publish: Fix ETag race condition
- lxd/storage/drivers/driver/zfs/utils: Retry ZFS recursive delete command
- tests: Test publishing ephemeral instance
- Revert "lxd/network/driver/physical: Check that physical parent interface has no global unicast IPs configured on it before starting"
- lxd/network/driver/ovn: Don't prevent the use of a physical uplink with IP addresses if the parent is a bridge
- lxd/device/device/utils/disk: Adds DiskMountClear function
- lxd/instance/drivers/driver/qemu: Add configDriveMountPath and configDriveMountPathClear helper functions
- lxd/instance/drivers/driver/qemu: Comment
- lxd/instance/drivers/driver/qemu: Improve error in onStop
- lxd/instance/drivers/driver/qemu: Call device.DiskVMVirtiofsdStop and d.configDriveMountPathClear in cleanupDevices
- lxd/instance/drivers/driver/qemu: Bind mount config directory into instance devices directory as readonly
- lxd/instance/drivers/driver/qemu: Clearer var naming in generateQemuConfigFile
- lxd/instance/drivers/driver/qemu: Update 9p config drive share to use readonly bind mount in generateQemuConfigFile
- lxd/instance/drivers/driver/qemu: addDriveDirConfig comment tweak
- lxd/storage/drivers/driver/zfs/volumes: Retry zvol deactivation if ZFS ignores us in UnmountVolume
- lxd/device/disk: Update startContainer to mount pool volume before calling createDevice
- lxd/device/disk: Update startVM to mount directories as bind mounts
- lxd/device/disk: Rename reverter argument to revert in mountPoolVolume for consistency
- lxd/device/disk: Detect unsupported non-filesystem volumes for containers in mountPoolVolume
- lxd/device/disk: Update createDevice to accept revert and pool volume source path override
- lxd/device/disk: Ensure that host-side device mounts are cleaned up in postStop
- lxd/device/disk: Rework wait for virtfs-proxy-helper socket in startVM for clarity
- lxd/device/disk: Remove check that prevents use of virtiofsd for readonly disks in startVM
- lxd/instance/drivers/driver/qemu: Remove check in addDriveDirConfig that prevents virtiofsd for readonly shares
- doc: mention /var/snap/lxd/common/lxd for snap users
- lxc cluster add shouldn't have any alias
- doc: mention /var/snap/lxd/common/lxd for snap users
- lxd: print the join token on a separate line
- tests: fix token extraction of
lxc cluster add - i18n: Update translation templates
- lxd/lxd: Record requestor as part of lifecycle events
- lxd: Pass request to OperationCreate
- lxd-agent: Pass request to OperationCreate
- lxd/resources: Add swagger documentation for storage
- shared/api: Add swagger metadata to storage pools
- lxd/cluster: Add core.https_trusted_proxy
- lxd/storage: Add swagger documentation for pools
- shared/api: Split storage volume backup
- shared/api: Add swagger metadata to storage volumes
- doc/rest-api: Refresh swagger YAML
- lxd/storage/drivers/driver/zfs/volumes: Include unmount action in the revert hook returned from CreateVolumeFromBackup
- lxd/storage/backend/lxd: Improve error context returned when applying imported root disk quota
- lxd/instances/post: Improve post hook failed context in error
- lxd/instance/drivers/driver/qemu: Adds start and stop debug logging
- lxd/instance/drivers/driver/qemu: Clarifies return values of pid function
- lxd/instance/drivers/driver/qemu: Updated d.pid usage
- lxd/instance/drivers/driver/qemu: Comment clean up in Stop
- lxd/instance/drivers/driver/qemu: Dont start device cleanup in onStop until QEMU process has ended
- lxc/publish: add --expire flag
- lxd/instance/drivers/driver/qemu: Increase max wait time for qemu process to exit
- lxd/images: pass publish expiration date to Export(); fallback to metadata.yaml expiration date
- lxd/instance/instance_interface.go: add expiration date parameter to Export()
- lxd/instance/drivers/driver_lxc: Export(): handle expiration date
- lxd/instance/drivers/driver_qemu: Export(): handle expiration date
- i18n: update translation templates
- lxd/instance/drivers/driver/qemu: Fix logger in onStop
- lxd/cluster/heartbeat: Don't send heartbeat from member that doesn't know its own address
- lxd/endpoints: Update endpoints Config doc
- lxd/cluster/heartbeat: Get local cluster address from node.ClusterAddress in heartbeat
- lxd/storage: Add swagger documentation for volumes
- shared/api: Add swagger metadata for storage volume state
- lxd/storage: Add swagger documentation for volume state
- shared/api: Add swagger metadata for storage volume snapshots
- lxd/storage: Add swagger documentation for volume snapshots
- lxd/storage: Fix operation type for snapshot rename
- shared/api: Add swagger metadata for storage volume backups
- lxd/storage: Add swagger documentation for volume backups
- lxd/swagger: Remove partial coverage warning
- lxd/swagger: Fix bad typing
- doc/rest-api: Strip and point to swagger
- doc/rest-api: Refresh swagger YAML
- lxd/db/warnings: Adds UpsertWarningLocalNode helper function
- lxd/warnings/warnings: Adds ResolveWarningsByLocalNodeAndType helper function
- lxd/daemon: d.cluster.UpsertWarningLocalNode and warnings.ResolveWarningsByLocalNodeAndType usage
- lxd/cluster/gateway: Only create persistent warning for cluster time skew when cluster is operational
- lxd/db/warnings: Convert Warning struct's TypeCode and Status to their custom types
- lxd/cgroup/init: db.Warning usage
- lxd/sys/apparmor: db.Warning usage
- lxd/db/warnings: db.Warning field usage in UpsertWarning
- lxd/db/warnings: Improve error in UpdateWarningStatus
- lxd/db/warnings: Renames UpdateWarningMessage to UpdateWarningState
- lxd/db/warnings: Improve error in UpdateWarningState
- lxd/db/warnings: Switch to tx.UpdateWarningState and fix bug preventing reoccurring warning to reactivate resolved warning
- lxd/daemon: w.TypeCode usage
- README: Add liblz4-dev dependency when building from source
- doc: btrfs-tools was replaced by btrfs-progs after Bionic
- doc: bzr isn't used anymore
- lxc/remote: accept fingerprint as input on confirming new remote
- doc/rest-api: Linkify API doc
- lxd/db: Add warning type WarningMissingVirtiofsd
- lxd/warnings: Add more resolver functions
- lxd/device: Add and use ErrMissingVirtiofsd
- lxd/instance/drivers: Add missing virtiofsd warning
- lxd/device: Add virtiofsd warning
- lxd/main_init_interactive: accept fingerprint as input on confirming cluster join
- i18n: update translation templates
- lxd/main_init_interactive: replace empty validator for choosing cluster config with nil
- lxd/endpoints: Support HAProxy protocol header
- lxd: Support HAProxy protocol header
- doc: Add core.https_trusted_proxy
- lxd/main_init_interactive: accept token as input on cluster join
- api: server_trusted_proxy
- lxd/instance/drivers/qmp/commands: Updates revert in AddNIC for consistency/clarity
- lxd/instance/drivers/qmp/commands: Adds RemoveNIC function
- lxd/instance/drivers/qmp/commands: Adds QueryPCI function and associated types
- lxd/device/nic: Enable VM hotplug for macvlan, bridged, p2p, physical and sriov NIC types
- lxd/instance/drivers/driver/common: Removes unnecessary check in runHooks
- lxd/instance/drivers/driver/qemu/bus: Adds busDevicePortPrefix constant and uses it
- lxd/instance/drivers/driver/qemu/templates: Uses busDevicePortPrefix constant indirectly
- lxd/instance/drivers/driver/qemu: Allocate 4 additional PCI slots for hotplugging in generateQemuConfigFile
- lxd/instance/drivers/driver/qemu: Adds qemuPCIDeviceIDStart constant
- lxd/instance/drivers/driver/qemu: Update addCPUMemoryConfig to just return cpu count if nil stringbuilder supplied
- lxd/instance/drivers/driver/qemu: Adds qemuNetDevIDPrefix and qemuDeviceIDPrefix constants
- lxd/instance/drivers/driver/qemu: qemuDeviceIDPrefix and qemuNetDevIDPrefix usage
- lxd/instance/drivers/driver/qemu: Adds deviceAttachNIC function
- lxd/instance/drivers/driver/qemu: Handle hotplugging NICs by using d.deviceAttachNIC from deviceStart
- lxd/instance/drivers/driver/qemu: Add revert to deviceStart
- lxd/instance/drivers/driver/qemu: Adds deviceDetachNIC function
- lxd/instance/drivers/driver/qemu: Updates deviceStop to hot unplug NICs
- lxc/config_trust: Support stdin and allow name override
- i18n: Update translation templates
- i18n: Update translations from weblate
試用環境 ¶
この新しい LXD リリースは私たちの デモサービス で利用できます。
ダウンロード ¶
このリリースの tarball は ダウンロードページ から取得できます。
ビルド済みバイナリーは次のように使えます:
- Linux: snap install lxd
- MacOS: brew install lxc
- Windows: choco install lxc
LXD 4.14 リリースのお知らせ ¶
7th of May 2021
はじめに¶
LXD チームは LXD 4.14 のリリースをお知らせできることにとてもワクワクしています!
私たちにとっては少し短い開発サイクルでしたが、スタンドアローンとクラスターユーザーにとってすばらしい改善が行えたかなり忙しいサイクルでした。
Enjoy!
新機能とハイライト ¶
マネージドブリッジでの ACL サポート ¶
従来から存在するマネージドなブリッジでネットワーク ACL が使えるようになりました。
この機能は OVN ネットワークで使う場合とは少し異なります。通常のブリッジでトラフィックラベリングを使ったポートベースの ACL を実行する実用的な方法がなかったためです。
代わりに、1 つ以上の ACL をマネージドブリッジに結びつけ、それらの ACL をブリッジの入出力(egress/ingress)に結びつけることができます。ブリッジ内部のトラフィックはこれらの ACL の影響を受けません。
クラスターメンバー証明書 ¶
LXDは、各クラスターメンバーが他とは異なる自身のサーバー証明書を持ち、このサーバー証明書がメンバー間の通信に使われていることを確認します。
クライアントが使う API には、クラスターワイドの証明書が常に提供されているので、これで何かが変わるわけではありません。代わりに、この変更により、どのクラスターメンバーが特定のリクエストを送ったのかを簡単に検証できるようになり、以前のクラスターが削除された場合に、それ以上の通信を防ぐこともできるようになります。
注意: server.crt を直接使って、それが公開 TLS API と一致することを期待していた場合、クラスターでは当てはまりません。代わりに cluster.crt を使ってください。
クラスターメンバーの説明 ¶
クラスターメンバーに説明を設定できるようになりました。これは lxc cluter edit で編集でき、lxc cluster list で表示できます。
stgraber@castiana:~$ lxc cluster list +---------+-------------------------------------+----------+--------------+----------------+----------------------+--------+-------------------+ | NAME | URL | DATABASE | ARCHITECTURE | FAILURE DOMAIN | DESCRIPTION | STATE | MESSAGE | +---------+-------------------------------------+----------+--------------+----------------+----------------------+--------+-------------------+ | abydos | https://[2602:fd23:8:200::100]:8443 | YES | x86_64 | default | HIVE - top server | ONLINE | Fully operational | +---------+-------------------------------------+----------+--------------+----------------+----------------------+--------+-------------------+ | langara | https://[2602:fd23:8:200::101]:8443 | YES | x86_64 | default | HIVE - middle server | ONLINE | Fully operational | +---------+-------------------------------------+----------+--------------+----------------+----------------------+--------+-------------------+ | orilla | https://[2602:fd23:8:200::102]:8443 | YES | x86_64 | default | HIVE - bottom server | ONLINE | Fully operational | +---------+-------------------------------------+----------+--------------+----------------+----------------------+--------+-------------------+
クラスタートークンを使ったクラスターへの参加 ¶
事前に参加するサーバーの証明書をクラスターに追加しておいたり、共有のトラストパスワードに依存する必要がある代わりに、新しいクラスターメンバー用の使い捨てのトークンを生成できるようになりました。
lxc cluster add を使って次のように行います:
root@vm01:~# lxc cluster add vm02 Member vm02 join token: eyJzZXJ2ZXJfbmFtZSI6InZtMDIiLCJmaW5nZXJwcmludCI6IjkxYjE5MmEwZDBiZGRmZjdhYzI1NDE2NWMxNTI4N2Q2OWEyYmFmZDVhMTlhMjExYTc5ZjJiMDYzMTQ2NDZmNDYiLCJhZGRyZXNzZXMiOlsiMTcyLjE3LjE2LjgwOjg0NDMiXSwic2VjcmV0IjoiNThlMjlhZDc4MWI5NjRmN2UxMzMxNDgyMjVhNTc1ODNhMWEyNDY3YmRkMmE0MGVlZmU5ZDc3YWVmYzc0MzNhMiJ9
そして、参加時に、次のように指定します:
root@vm02:~# lxd init Would you like to use LXD clustering? (yes/no) [default=no]: yes What name should be used to identify this node in the cluster? [default=vm02]: What IP address or DNS name should be used to reach this node? [default=172.17.16.81]: Are you joining an existing cluster? (yes/no) [default=no]: yes Do you have a join token? (yes/no) [default=no]: yes Please provide join token: eyJzZXJ2ZXJfbmFtZSI6InZtMDIiLCJmaW5nZXJwcmludCI6IjkxYjE5MmEwZDBiZGRmZjdhYzI1NDE2NWMxNTI4N2Q2OWEyYmFmZDVhMTlhMjExYTc5ZjJiMDYzMTQ2NDZmNDYiLCJhZGRyZXNzZXMiOlsiMTcyLjE3LjE2LjgwOjg0NDMiXSwic2VjcmV0IjoiNTg1YzVhZDFhMzI4Mjg5YTkwYjc2NGMzMWM4MDdkNGViYTNiMDM3MDQ5OWNlMjA2MjgxNzQwYWQ4YWM2OWQ1MiJ9 All existing data is lost when joining a cluster, continue? (yes/no) [default=no] yes
サーバー警告 ¶
ログファイルに警告を入れるだけでなく、API を通して警告を提供できるようになりました。現時点では、cgroup の警告だけが提供されますが、将来のリリースで少しずつ使用されていくようになるでしょう。
警告はクラスターワイドで追跡され、(LXD が解決したことを検出できる場合は)解決されると自己解決できます。そして、警告を確認してそれを黙らせることもできます。
stgraber@castiana:~$ lxc warning list +--------------------------------------+---------------------------------------+--------+----------+-------+---------+----------+-----------------------------+ | UUID | TYPE | STATUS | SEVERITY | COUNT | PROJECT | LOCATION | LAST SEEN | +--------------------------------------+---------------------------------------+--------+----------+-------+---------+----------+-----------------------------+ | 51526df0-b71b-41ca-8936-5c8c9298111c | Couldn't find the CGroup blkio.weight | NEW | LOW | 1 | | | May 7, 2021 at 5:40pm (UTC) | +--------------------------------------+---------------------------------------+--------+----------+-------+---------+----------+-----------------------------+ stgraber@castiana:~$ lxc warning ack 51526df0-b71b-41ca-8936-5c8c9298111c stgraber@castiana:~$ lxc warning list +------+------+--------+----------+-------+---------+----------+-----------+ | UUID | TYPE | STATUS | SEVERITY | COUNT | PROJECT | LOCATION | LAST SEEN | +------+------+--------+----------+-------+---------+----------+-----------+ stgraber@castiana:~$ lxc warning list -a +--------------------------------------+---------------------------------------+--------------+----------+-------+---------+----------+-----------------------------+ | UUID | TYPE | STATUS | SEVERITY | COUNT | PROJECT | LOCATION | LAST SEEN | +--------------------------------------+---------------------------------------+--------------+----------+-------+---------+----------+-----------------------------+ | 51526df0-b71b-41ca-8936-5c8c9298111c | Couldn't find the CGroup blkio.weight | ACKNOWLEDGED | LOW | 1 | | | May 7, 2021 at 5:40pm (UTC) | +--------------------------------------+---------------------------------------+--------------+----------+-------+---------+----------+-----------------------------+
バックアップとスナップショットのプロジェクトでの制限 ¶
バックアップとスナップショットを制御するための新たなプロジェクトにおける制限のプロパティが追加されました。
バックアップとスナップショットは、CPU 時間とディスク容量の両方でリソースを消費するので、全プロジェクトユーザーに使用許可を与えたくない場合もあるでしょう。
restricted.snapshotsとrestricted.backupsという設定をこれらの制御に使えます。これらはインスタンスとカスタムボリュームのスナップショット・バックアップの両方に適用され、スケジュールされたスナップショットにも影響します。
デバイス設定のユーザー定義キー ¶
デバイス設定内に user.XYZ という形式の設定を直接使えるようになりました。
stgraber@castiana:~$ lxc config device set cgroup2 root user.foo bar stgraber@castiana:~$ lxc config device get cgroup2 root user.foo bar
LXD の API で、まだ user の名前空間が許可されていなかったのはここだけだったと思います。これが追加されたので、サードパーティーのツールが LXD オブジェクトに直接メタデータを追加するのが容易になるはずです。
さらなる自動生成の REST-API ドキュメント ¶
API に swagger メタデータを追加する作業がさらに進みました。インスタンスのエンドポイントの半分以上がカバーされ、残りのエンドポイントも近日中に追加される予定です。これでドキュメント化の残りはストレージ API だけになりました。
これは LXD 4.15 で完了するでしょう。
仮で生成したものがこちらにあります: https://dl.stgraber.org/swag-lxd/
すべての変更点(翻訳なし) ¶
このリリースでの完全な変更点のリストは次のとおりです:
- lxd/firewwall/drivers/drivers/nftables: Changes nftables to use a single inet table rather than separate ip and ip6 tables
- test: Updates proxy tests to check nftables inet table
- tests: Fix failure on 5.11 kernel
- lxd/network/acl/driver/common: Improve error messages in d.validateRuleSubjects
- lxd/network/acl/driver/common: Allow single IP addresses in source/destination subjects
- lxd/network/driver/ovn: Renames logName var to logPrefix
- lxd/network/acl/acl/ovn: Handle single IP in source/destination subjects
- lxd/network/acl/acl/ovn: Renames logName arg to logPrefix in OVNApplyInstanceNICDefaultRules
- lxd/firewall/drivers/drivers/xtables: Don't check for existing rule in iptablesAdd
- lxd/firewall/drivers/drivers/xtables: Updates d.iptablesChainExists to return if chain has any rules
- shared/validate/validate: Check IsNetworkPortRange range starts lower than end
- forkexec: log more failures
- Revert "lxd/firewall/drivers/drivers/xtables: Don't check for existing rule in iptablesAdd"
- lxd/daemon/images: Adds imageDownloadLock function
- lxd/daemon/images: Use d.imageDownloadLock in ImageDownload
- lxd/daemon/images: Improve error messages in ImageDownload
- lxd/instance: Improve error messages in instanceCreateFromImage
- lxd/instance: Use d.imageDownloadLock in instanceCreateFromImage
- lxd/firewall/drivers/drivers/xtables: Only add multiple instance <> instance NAT rules for proxy if connect port range used in InstanceSetupProxyNAT
- lxd/firewall/drivers/drivers/xtables: Don't look for existing rules in iptablesAdd
- lxd/firewall/drivers/drivers/nftables: Only add multiple instance <> instance NAT rules for proxy if connect port range used in InstanceSetupProxyNAT
- lxd/network/acl/driver/common: Add check for incorrect use of mixed IP family subjects in validateRule
- lxd/network/acl/driver/common: Improve IP family validation for ICMP
- lxd/networks: Updates doNetworksCreate to skip network validation during pre-join phase
- lxd/network/acl/driver/common: Fix typo
- lxd/project: Only consider syscall interception as low-level
- lxd/network/driver/bridge: Validate ACL options
- lxd/firewall/firewall/interface: Adds NetworkApplyACLRules function
- lxd/firewall/drivers/drivers/consts: Adds ACL field to Opts to indicate we should ready firewall setup for ACL rules
- lxd/firewall/drivers/drivers/consts: Define ACLRule type
- lxd/network/acl/acl/firewall: Adds ACL firewall helper functions
- lxd/network/acl/acl/interface: Adds clientType to Update
- lxd/network/acl/acl/load: Add Config field to NetworkACLUsage
- lxd/network/acl/acl/load: Update NetworkUsage to return bridge and ovn networks
- lxd/network/acl/driver/common: Modifies Update to support clientType arg
- lxd/network/acls: Pass clientType to netACL.Update
- lxd/network/driver/ovn: Populate acl.NetworkACLUsage Config field
- lxd/network/driver/bridge: Set ACL field in fwOpts if ACLs specified
- lxd/network/driver/bridge: Apply ACLs on network start
- lxd/firewall/drivers/drivers/xtables: Add ACL support
- lxd/firewall/drivers/drivers/nftables: NetworkApplyACLRules WIP
- test: Adds container_devices_nic_bridged_acl test for bridge ACL tests with iptables and nftables
- api: Adds network_bridge_acl extension
- doc/networks: Adds security.acls* config keys for bridge networks
- doc: Adds network ACLs limitations section and links to it from bridge security.acls config key
- shared/simplestreams: Improve error messages
- lxd/daemon/images: Improve error messages
- client/simplestreams/images: Improve error messages
- test/godeps.list: Adds github.com/pkg/errors
- Renames container_devices_nic_bridged_acl test file to align with other tests
- test: Fix Udhcpc6 detection for nic bridged acl tests
- lxd: don't set device cgroup values for unpriv containers
- lxd/storage: Re-introduce cluster distributino of volume snapshots
- lxc/remote: Only update URL in set-url
- lxd/instance/drivers: Don't overwrite template triggers
- lxd/daemon/images: Removes unnecessary imagesDownloadingLock mutex
- lxc: Fix help for string arguments
- tests: Fix apply_template check
- lxd/cluster/membership: Updates Bootstrap to generate new cluster certificate
- lxd/util/encryption: Comment on LoadCert
- lxd/util/encryption: Adds LoadClusterCert function
- test: load cluster.crt not server.crt when bootstrapping a cluster
- lxc-to-lxd: Fix TestConvertNetworkConfig loopback only test
- lxd/db: Add cluster ToAPI
- lxd: Switch to using GetNodes
- lxd/cluster: Drop List function
- tests: Update for current cluster messages
- lxd/lxd: Prevent multiple routed NIC devices from using "auto" gateway mode
- lxd/db: Add node ID to StorageVolumeArgs
- lxd/storage/volumes/snapshots: Updates autoCreateCustomVolumeSnapshotsTask to always snapshot local custom volumes
- lxd/storage/volumes/snapshots: Update autoCreateCustomVolumeSnapshots return value
- lxd/storage/volumes/snapshots: Adds comments to autoCreateCustomVolumeSnapshots
- lxd: Move image-refresh to /internal/testing/
- test/suites: Use /internal/testing/image-refresh
- lxc/storage_volume: Properly use cluster target
- lxc/storage_volume: Add missing target
- vm/qemu: configure spice using -spice parameter
- lxd/storage_volume_snapshots: Fix cluster redirection
- lxd/db/storage: Properly increment snapshots
- lxd/storage_pools: Fix ordering of pool delete
- lxd/endpoint: Retry binding on startup
- lxd/instance/qemu: Move to query-cpus-fast
- shared/api/certificate: Adds certificate type constants
- lxd/db/certificates: Adds CertificateAPITypeToDBType and ToAPIType functions
- lxd/db/certificates: Comment on Certificate
- lxc: Switch to CertificateTypeClient constant
- lxd: Switch to CertificateTypeClient constant
- lxd-p2c/utils: Switch to CertificateTypeClient constant
- lxd/util/encryption: Adds LoadServerCert function
- lxd/certificates: updateCertificateCache error quoting consistency
- lxd/certificates: Store certificateCache by certificate type
- lxd/certificates: db.CertificateAPITypeToDBType usage and set certificate type to server
- lxd/certificates: Comment ending consistency
- lxd/daemon: Adds getTrustedCertificates function
- lxd/daemon: Update Authenticate to use d.getTrusterCertificates
- lxd/daemon: Comment ending consistency in Authenticate
- lxd/daemon: Ensure d.clientCerts.Projects isn't accessed without a lock
- tests: Removes use of -v flag for nc inside busybox
- lxd/network/driver/bridge: Don't attempt to setup ipv6 firewall when no ipv6.address
- lxd/swagger: Add NotFound response
- lxd/snapshots: Fix multiple schedules
- lxd/images: Ignore intervals on manual refreshes
- api: Add warnings
- shared/api: Add warning structs
- lxd/db/cluster: Create warnings table
- lxd/db: Add operation type OperationWarningsPruneResolved
- lxd/db: Allow object retrieval by ID
- lxd/db: Add getURIFromEntity
- lxd/db: Add warning severity
- lxd/db: Add warning types
- lxd/db: Add warning status
- lxd/db: Add warning functions
- lxd: Add warnings endpoints
- lxd: Prune resolved warnings
- lxd: Add internal /testing/warnings endpoint
- client: Add warning functions
- lxc: Add warning sub-command
- test: Add warnings test
- po: Update translations
- lxd/db: Fix typo in error
- doc/rest-api: Refresh swagger YAML
- doc/rest-api: Add warnings
- lxd: Add function to resolve warnings by their type code
- lxd/db: Add GetWarningsByType
- lxd/db: Add CGroup warning types
- lxd/cgroup: Replace Log() with Warnings()
- lxd: Handle CGroup logging and warnings in daemon
- lxd/util/http: Fix CheckTrustState to block access for revoked certificates that were formerly trusted
- lxd/certificates: Adds comment about the importance of a check related to CA mode in certificatesPost
- test: Remove trusted remote before checking adding untrusted remote
- test: Don't use CA PKI generated server certs for LXD
- test/deps: Removes alternative pre-generated server cert and key
- test: Remove LXD_ALT_CERT
- test: Update PKI tests to comply with expectations of revocation behaviour
- lxd/ip: Add ip package
- lxd/device: Replace ip command with ip package
- lxd: Replace ip command with ip package
- lxd/network: Replace ip command with ip package
- lxd/openvswitch: Replace ip command with ip package
- tests: Add ip package to static_analysis test
- lxd/networks/utils: Log forkdns refresh task starting in networkUpdateForkdnsServersTask
- lxd/db/node: Adds certificates table to local database
- lxd/db/certificates: Adds GetCertificates function
- lxd/db/certificates: Adds ReplaceCertificates function
- lxd/db/certificates: Adds DeleteCertificateByNameAndType function
- lxd/certificates: Fix import ordering
- lxd/certificates: Updates updateCertificateCache to handle per-certificate upgrade
- Revert "lxd/instance/qemu: Move to query-cpus-fast"
- lxd/certificates: Adds updateCertificateCacheFromLocal function
- lxd/certificates: Notify other cluster members of certificate update in doCertificateUpdate
- lxd/certificates: Notify other cluster members of certificate deletion in certificateDelete
- lxd/certificates: Allow certificate type change in doCertificateUpdate
- lxd/certificates: cluster.ErrCertificateExists and serverCert usage in certificatesPost
- lxd/daemon: Adds serverCert and serverCertInt vars
- lxd/daemon: Updates State to populate serverCert
- lxd/daemon: Load trusted server certs from local DB on startup using updateCertificateCacheFromLocal
- lxd/daemon: Refresh cached trusted certificates when heartbeat node count changes in NodeRefreshTask
- lxd/daemon: Pass d.serverCert and networkCert to startClusterTasks Add
- lxd/daemon: Updates Authenticate to check trusted server certs
- lxd/state: Updates NewState to have a serverCert and updateCertificateCache arg
- lxd/state: Update tests with NewState usage
- lxd/util/http: Updates CheckTrustState to use networkCert argument
- lxd/cluster/notify: Update NewNotifier to accept networkCert and serverCert args
- lxd/cluster/tls: Update tlsClientConfig to accept networkCert and serverCert
- lxd/cluster/tls: Updates tlsCheckCert to accept networkCert and serverCert
- lxd/cluster/connect: Adds ErrCertificateExists var
- lxd/cluster/connect: Updates Connect to accept networkCert and serverCert args
- lxd/cluster/connect: Updates SetupTrust to accept serverName arg
- lxd/cluster/connect: Adds UpdateTrust function
- lxd/cluster/connect: Updates HasConnectivity to accept networkCert and serverCert
- lxd/cluster/events: Updates events functions to accept networkCert and serverCert
- lxd/cluster/gateway: Store networkCert and serverCert in Gateway and update NewGateway
- lxd/cluster/gateway: Updates HandlerFuncs to accept trustedCerts function
- lxd/cluster/gateway: HasConnectivity usage
- lxd/cluster/gateway: Update Reset to handle networkCert
- lxd/cluster/gateway: tlsClientConfig usage
- lxd/cluster/gateway: loadInfo usage
- lxd/cluster/heartbeat: tlsClientConfig in Send and Heartbeat
- lxd/cluster/upgrade: Updates NotifyUpgradeCompleted with networkCert and serverCert args
- lxd/cluster/membership: Adds EnsureServerCertificateTrusted function
- lxd/cluster/membership: Updates Bootstrap to store serverCert in trusted certificates table
- lxd/cluster/membership: Update Join to handle per-server certificates
- lxd/cluster/membership: Updates notifyNodesUpdate to handle serverCert
- lxd/cluster/membership: HasConnectivity usage
- lxd/cluster/membership: Update Purge to remove trusted server certificate
- lxd/cluster: Update tests to work with changes
- lxd/api: d.gateway.HandlerFuncs usage
- lxd/api/cluster: Updates clusterPutJoin to handle per server certificates
- lxd/api/cluster: d.gateway.Reset usage
- lxd/api/cluster: Call updateCertificateCache in clusterNodeDelete after certificate removed
- lxd/api/cluster/test: server name as cert name
- lxd/main/init: state.NewState usage
- lxd/main/init/interactive: cluster.SetupTrust usage and serverCert naming for consistency
- lxd: cluster.NewNotifier usage
- lxd: cluster.Connect and related function usage
- lxd/patches: Adds patchClusteringServerCertTrust
- doc/clustering: Update guide to show that cluster.crt on bootstrap member should be used
- test: Add check for trusted server certificate removal on cluster member removal
- test: Update table count check to account for local certificates table
- lxd/firewall/drivers/drivers/nftables: Require kernel version >= 5.2 to allow support for inet table NAT rules
- test/suites: Update warning tests
- lxd/images: Specify image type during distribution
- client/connection: Correct HTTPs to HTTPS in ConnectPublicLXD
- lxd/operations: Clarify return values in comment on Render
- lxd/db/operations: Adds GetOnlineNodesWithRunningOperationsOfType function
- lxd/operations: Adds operationCancel function
- lxd/operations: Adds operationsGetByType function
- lxd/images: Updates imageValidSecret to accept projectName and opType arguments
- lxd/images: projectName argument in createTokenResponse
- lxd/images: imageValidSecret usage
- lxd/operations: Updates operationsGet to use projectName when retrieving remote operations
- lxd/operations: Updates operationsGetByType to use projectName when retrieving remote operations
- lxd/instances: Swagger for logs
- lxd/instances: Update error message
- lxd/instances: Swagger for files
- doc/rest-api: Refresh swagger YAML
- lxc/warning: Fix argument parsing
- lxc/warning: Fix usage and comments
- i18n: Update translation templates
- lxd/project: Add AllowBackupCreation and AllowSnapshotCreation
- lxd/projects: Add restricted.backups and restricted.snapshots
- lxd: Support for restricted.backups and restricted.snapshots
- api: projects_restricted_backups_and_snapshots
- doc/projects: Add restricted.backups and restricted.snapshots
- shared/api: Add swagger metadata for instance exec
- lxd/instances: Swagger for exec
- lxd/swagger: Fix json name of metadata
- shared/api: Add swagger metadata for instance state
- lxd/instances: Swagger for state
- shared/api: Add swagger metadata for instance console
- lxd/instances: Swagger for console
- shared/api: Add swagger metadata for instances
- lxd/instances: Swagger for instance
- doc/rest-api: Refresh swagger YAML
- lxd/instance/qmp: Switch to query-cpus-fast
- lxd/apparmor: Respect LXD_OVMF_PATH
- lxd/daemon: Improved logging in NodeRefreshTask
- lxd/db/operations: Import ordering
- lxd/db/operations/types: Adds OperationClusterJoinToken type
- lxd/db/operations: Replace GetOnlineNodesWithRunningOperationsOfType with GetOperationsOfType
- lxd/operations: Updates operationCancel with correct remote address
- lxd/operations: Fixes operationsGetByType to filter operations by type correctly
- lxd/node/raft/test: Corrects typo
- api: Adds clustering_join_token extension
- shared/api/cluster: Adds ClusterMembersPost type
- shared/api/cluster: Adds ClusterMemberJoinToken type
- lxd/api/cluster: Adds clusterNodesPost handler
- client/interfaces: Adds CreateClusterMember function to interface
- client/lxd/cluster: Adds CreateClusterMember function
- lxc/cluster: Add lxc cluster add command
- lxd/certificates: Adds clusterMemberJoinTokenValid and clusterMemberJoinTokenDecode functions
- lxd/certificates: Updates certificatesPost to check supplied password against active cluster join token operations
- lxd/main/init/interactive: Adds join token support to askClustering
- lxc/cluster: Adds cluster list-tokens command
- lxc/cluster: Adds clusterJoinTokenOperationToAPI function
- lxd/operations: Updates OperationClass.String() to use constants from shared/api
- shared/api/operations: Adds operation class name constants
- doc/clustering: Adds details on using the join token during adding cluster members
- i18n: Update translation templates
- test: Adds overridable join secret to spawn_lxd_and_join_cluster
- test: Adds join token tests to clustering_membership
- test: Increase the offline thresholds to above 12 as heartbeat interval is hardcoded to 10
- doc/rest-api: Refresh swagger YAML
- Makefile: Set GO111MODULE=on for update-api swagger build
- shared/api: Fix snapshot structs
- lxc/config: Update following InstanceSnapshotPut fix
- shared/api: Add swagger metadata for instance snapshots
- lxd/instances: Swagger for snapshots
- doc/rest-api: Refresh swagger YAML
- i18n: Update translations from weblate
- shared/units: Add GetByteSizeStringIEC
- lxc/project: Use IEC units in info
- api: clustering_description
- shared/api: Add cluster member description
- lxd: Expose cluster member description
- lxc/cluster: Tweak cluster list, add description
- Revert "test: Increase the offline thresholds to above 12 as heartbeat interval is hardcoded to 10"
- api: Adds description back for clustering_join_token extension
- lxd/images: Dont log error in autoSyncImagesTask when not clustered
- lxd/images: Make logging consistent in autoSyncImagesTask
- lxd/db/node: Display last heartbeat time in ToAPI
- tests: Update for project info change
- lxc: Add -f as shorthand for --format
- lxd/devices: Allow user.XYZ
- lxd/db/node: Updates SetNodeHeartbeat to return ErrNoSuchObject if row doesn't exist to be updated
- lxd/db/query/retry: Use errors.Cause in Retry
- lxd/cluster/heartbeat: Single call to time.Now() in heartbeat
- lxd/cluster/heartbeat: Fixes bug in heartbeat that causes heartbeat round to be discarded if member removed during round
- lxd/cluster/heartbeat: Keep error handling from g.currentRaftNodes together
- lxd/cluster/heartbeat: Error logging consistency
- lxd/cluster/heartbeat: Use contextual logging
- lxd/cluster/events: Improve logging consistency in eventsUpdateListeners
- lxd/task/group: Adds context arg to Start
- lxd/task/start: Add context arg to Start
- lxd/task: Start context usage
- lxd/daemon: Updates Start functions usage by passing daemon context
- lxd/images: Improve logging in imageSyncBetweenNodes
- test: Add lxc cluster list before comparison in test_clustering_handover for visibility into cluster state
- test: Separate stop and publish commands in test_clustering_image_replication
試用環境 ¶
この新しい LXD リリースは私たちの デモサービス で利用できます。
ダウンロード ¶
このリリースの tarball は ダウンロードページ から取得できます。
ビルド済みバイナリーは次のように使えます:
- Linux: snap install lxd
- MacOS: brew install lxc
- Windows: choco install lxc
LXD 4.0.6 LTS リリースのお知らせ ¶
6th of May 2021
はじめに ¶
LXD チームが LXD 4.0.6 のリリースをお知らせします!
このリリースは、2025 年 6 月までサポートされる LXD 4.0 に対する 6 つめのバグフィックスリリースです。
バグ修正と改良 ¶
このリリースには、開発ブランチからの数カ月分のバグフィックスと細かな改善が含まれています。
主な変更点は次の通りです:
lxc storage volume listで--columnが使えるようになりました- VM のステートフルなスナップショットと停止で
migration.statefulとsize.stateが使えるようになりました - Ceph ストレージバックエンドに
ceph.rbd.features設定オプションを追加しました - swagger API ドキュメントの初期実装
lxc stopに--consoleオプションを追加しました- コンテナでの NVIDIA MIG サポート
- スナップショットのスケジュールエイリアス
コミットの全リストは次の通りです(翻訳なし):
- doc/instances: Tweaks to make device type linking work
- doc/storage: Add mention of zfs.remove_snapshots
- simplestreams: Review and sanitize urls join
- lxd/storage/volume: Snapshot PUT is supposed to be blocking
- lxd/storage: Fix snapshot edit routes
- lxc/storage_volume: Use correct API for snapshots
- lxd/storage: Cleanup volume API endpoints
- lxd/instance/metadata: Fix API to line up with files
- client: Drop UpdateInstanceTemplateFile
- client: Drop UpdateInstanceTemplateFile
- client: Fix legacy UpdateContainerTemplateFile
- client: Rename SetInstanceMetadata to UpdateInstanceMetadata
- lxc/config: Switch to UpdateInstanceMetadata
- lxc/config: Always use CreateInstanceTemplateFile
- lxd/instance/metadata: Modernize instanceMetadataPut
- lxd/instance/metadata: Implement PATCH
- lxd/instance/snapshots: Implement PATCH
- lxd/storage: Tweak volume snapshot etag
- lxd/storage/volume/snapshot: Implement PATCH
- shared/api: Add StorageVolumeState
- client: Add GetStoragePoolVolumeState
- lxc/storage_volume: Add support for column argument
- i18n: Update translation templates
- lxd/instance/qemu: Don't use the RAM backend
- lxd/resources: More flexible PCI handling
- lxd/resources: Make usb address handling match PCI
- lxd/resources: Use %q when possible
- containers: simplify wstatus.Close() logic in Exec()
- containers: reap zombies on attach failure
- seccomp: block openat2()
- lxd/instance/qemu/qmp: Add SendFile, Migrate and MigrateIncoming
- lxd/instance/qemu/qmp: Add ping function
- lxd/instance/qemu/qmp: Re-shuffle functions
- lxd/instance/qemu/qmp: Rework run() function
- lxd/instance/qemu/qmp: Update commands to use run()
- lxd/network/network/utils: Fixes InterfaceExists to not return true if arg is empty string
- lxd/device/nic/routed: Dont give sysctl read error when invalid value
- lxd/device/nic/ipvlan: Dont give sysctl read error when invalid value
- lxd/device/nic/ipvlan: network.InterfaceExists usage
- lxd/device/nic/ipvlan: Detach ipvlan interface back to random host name on stop, then delete
- lxd/device/nic/sriov: network.InterfaceExists usage
- lxd/network/network/utils: InterfaceExists usage in InterfaceBindWait
- lxd/device/nic/sriov: Use random VF MAC if VF has no automatic MAC set
- lxd/db/instances: Adds ErrInstanceListStop that can be returned from InstanceList to stop search
- shared/validate/validate: Adds IsNetworkRange and IsNetworkAddressCIDR functions
- shared/validate/validate: Adds IsNetworkPort and IsNetworkPortRange functions
- lxd/util/config: Adds SplitNTrimSpace function
- lxd/util/config: Avoid unnecessary allocations in CopyConfig
- shared/api/network/acl: Adds shared struct types for Network ACLs
- shared/api/network/acl: Adds rule Normalise function
- client/interfaces: Adds CreateNetworkACL
- client/interfaces: Adds GetNetworkACLs
- client/interfaces: Adds GetNetworkACL
- client/interfaces: Adds UpdateNetworkACL
- client/interfaces: Adds RenameNetworkACL
- client/interfaces: Adds DeleteNetworkACL
- client/interfaces: Adds GetNetworkACLNames
- client/lxd/network/acls: Implements CreateNetworkACL function
- client/lxd/network/acls: Implements GetNetworkACLs function
- client/lxd/network/acls: Implements GetNetworkACL function
- client/lxd/network/acls: Implements UpdateNetworkACL function
- client/lxc/network/acls: Implements RenameNetworkACL function
- client/lxd/network/acls: Implements DeleteNetworkACL function
- client/lxd/network/acls: Implements GetNetworkACLNames function
- lxd/network: Add check for overlapping ovn.ranges and dhcp.ranges
- lxd/instance/qemu: Rework lxd-agent startup
- lxd/device/disk: Validate that the pool is not pending
- api: migration_stateful
- shared: Add migration.stateful
- doc/instance: Add migration.stateful
- lxd/instance/qemu: Add migration.stateful support
- lxd/device: Add migration.stateful support
- lxd/instance/qemu: Add checks for migration.stateful
- api: disk_state_quota
- doc/instances: Add size.state
- lxd/storage: Add support for size.state
- lxd/api: Port to updated SetInstanceQuota
- lxd/device/disk: Add support for size.state
- lxd/instance: Prevent stateful snapshots of VMs
- lxd/instance/qemu: Add stateful stop/start
- doc: Drop API extension columns
- api: storage_ceph_features
- lxd/storage: Add ceph.rbd.features
- doc/storage: Add ceph.rbd.features
- scripts/bash: Add ceph.rbd.features
- doc: Fix bad Github action link
- lxd/instance/qemu/qmp: Switch back to upstream repo
- lxd/device/device/interface: Adds Type interface for accessing type specific functions of a device
- lxd/device/device/common: UpdatableFields signature change
- lxd/device/nic/bridged: UpdatableFields signature change
- lxd/device/nic/routed: UpdatableFields signature change
- lxd/device/nic/p2p: UpdatableFields signature change
- lxd/device/disk: UpdatableFields signature change
- lxd/device/device/load: Adds newByType and LoadByType functions
- lxd/device/nic/bridged: Switches to use NIC type agnostic route helper functions
- lxd/device/nic/p2p: Switches to use NIC type agnostic route helper functions
- lxd/instance/drivers/driver/common: Update comment for deviceVolatileReset to match
- lxd/instance/drivers: d.deviceVolatileReset usage
- doc/preseed: LXD is pronounced lex-dee
- doc/api-extensions: LXD is pronounced lex-dee
- tests: Typo fix
- lxd/storage: LXD is pronounced lex-dee
- lxd/firewall: LXD is pronounced lex-dee
- lxd/network: LXD is pronounced lex-dee
- lxd/api: LXD is pronounced lex-dee
- lxd/device: LXD is pronounced lex-dee
- lxd/storage/utils: Updates VolumeUsedByExclusiveRemoteInstancesWithProfiles to use db.ErrInstanceListStop
- lxd/network/network/utils: Removes whitespace trimming from SubnetParseAppend
- lxd/instance/drivers: UpdatableFields usage
- lxd/device/device/utils/network: Changes veth route functions to not depend on device specific logic
- lxd/instance/drivers/driver/lxc: Removes deviceResetVolatile provided by common
- lxd/instance/drivers/driver/qemu: Removes deviceResetVolatile provided by common
- utils: trim whitespace from block device UUID
- lxd/storage/drivers/btrfs: Add up fs and block quota for VMs
- lxd/storage/drivers/dir: Pass int64 size to setQuota
- lxd/storage/drivers/dir: Add up fs and block quota for VMs
- shared/validate/validate: Add IsCompressionAlgorithm
- lxd/cluster: Update compression validation
- lxd/instance: Move CreateInternal
- lxd/instance/drivers: Rename restart to restartCommon
- lxd/instance/drivers: Move snapshot creation to the driver
- lxd/instance/qemu: Add restoreState
- lxd/instance/qemu: Add saveState
- lxd/instance/qemu: Add stateful snapshot
- lxd/cluster: Guarantee single hearbeat loop
- doc/rest-api: Fix and clarify backup API
- lxd/cluster: Improve heartbeat logging
- lxd/api: Don't use potentially nil struct
- lxd/init: Better error on invalid auto-detect fan underlays
- lxd/network/network/utils: Converts UsedBy to use InstanceList function
- lxd/network/network/utils: Changes isInUseByDevices to isInUseByDevice
- lxd/network/network/utils: Adds usedByInstanceDevices function
- lxd/network: Fix for stable-4.0
- doc/rest-api: More fixes for backups
- lxd: Remove ReadToJSON
- lxd/db: Fix RenameCertificate
- lxd/certificate: Modernize DB handling
- lxd/certificate: Rework cache
- doc/backup: Mention subuid/subgid
- lxd/db/certificates: Fix bad error handling
- shared/api: Add restricted and projects to certificate
- lxd/instance/drivers/driver/lxc: Log when skipping volume delete in a recovery import scenario
- lxd/api/internal: Don't create .importing file when performing a backup import in internalImport
- lxd/api/internal: internalImport usage
- lxd/instance/instance/utils: CreateInternal usage of revert package
- lxd/instances/post: internalImport usage
- tests: Reword deadcode
- shared/log15: Remove dead code
- lxd/storage/drivers/driver/btrfs: Unset pool size setting during creation if not relevant
- lxd/storage/drivers/driver/btrfs: Consistent error quoting in Create
- lxd/storage/pools/config: Consistent error quoting in storagePoolValidateConfig
- driver_lxc: pass flags to shiftfs mount
- lxd/network/driver/bridge: Ensure that DHCP firewall rules are added in fan mode
- lxd/network: Drop unused usedByInstanceDevices
- lxd/network/network/utils: Reorders UsedBy to do cheapest search first
- Merge pull request #8480 from tomponline/tp-network-usedby-stable-4.0
- Makefile: Add update-api
- shared/api: Label Server structs
- lxd: Setup API metadata
- lxd: Add / and /1.0 to swagger
- tests: Update deadcode for swagger
- doc: Include initial YAML version of rest-api
- lxd/certificates: Add to swagger
- shared/api: Label Certificate structs
- doc/rest-api/swagger: Update for certificates
- lxd/storage/drivers/utils: Comment clarify in BlockDiskSizeBytes
- lxd/resources/storage: Rework block size handling
- Updated instanceLogDelete function
- lxd/device/disk: Tweak mkisofs flags
- lxd/instance/post: Update instancePostClusteringMigrate to respect instance's project
- lxd/instance/backup: Makes returned containers resource conditional on instance type
- lxd/instance/console: Conditional containers resources
- lxd/instance/delete: Updates instanceDelete to use inst var and makes returned containers resources conditional on instance type
- lxd/instance/exec: Makes containers resources conditional on instance type
- lxd/instance/post: Renames c to inst and makes containers resources conditional on instance type
- lxd/instance/put: Renames c to inst and makes containers resources conditional on instance type
- lxd/instance/snapshot: Renames sc to snapInst and makes containers resources conditional on instance type
- lxd/instances/post: Makes containers resources conditional on instance type
- doc/rest-api: Updates backup endpoint docs
- lxd/cluster: Don't warn about pending nodes
- lxd/instances: Fix instance copy within project
- netutils: improve file descriptor retrieval and increase robustness
- lxd/api: Add project and target arguments to doc
- shared/api: Add comments to certificate fields
- shared/api: Add comments to server fields
- lxd/resources: Add swagger documentation
- shared/api: Label Resources structs
- doc/rest-api: Refresh swagger YAML
- doc/projects: Projects aren't restricted by default
- lxd/storage/drivers/util: Updates ensureVolumeBlockFile to add unsupportedResizeTypes argument
- lxd/storage/drivers/driver/btrfs/volumes: Updates CreateVolume with ensureVolumeBlockFile comments
- lxd/storage/drivers/driver/btrfs/volumes: Updates SetVolumeQuota to pass VolumeTypeImage to ensureVolumeBlockFile
- lxd/storage/drivers/driver/dir/volumes: Comment improvement in CreateVolume
- lxd: improve unix fd retrieval infrastructure
- Update for Go 1.17 go:build tags
- lxd/db: Don't fail preparing statements for activateifneeded
- unixfd: vet all parameters
- lxd/internal: Don't access undefined fields
- tests: Fix project limits on arm64
- doc/README: Drop readthedocs
- lxc/remote: Update working to line up with project
- i18n: Update translation template
- lxd/profiles: Add to swagger
- shared/api: Label Profiles structs
- lxd/projects: Add to swagger
- shared/api: Label Projects structs
- lxd/events: Add to swagger
- shared/api: Label Events structs
- lxd/networks: Add to swagger
- shared/api: Label Networks structs
- shared/api: Hide API extensions from swagger
- doc/rest-api: Refresh swagger YAML
- lxd/device/gpu: Optimize setupSriovParent
- lxd/device: Save parent PCI address for GPU SR-IOV
- lxd/network/network/utils/sriov: Refactors SRIOVFindFreeVirtualFunction and sriovGetFreeVFInterface
- lxd/network/network/utils/sriov: Modifies sriovGetFreeVFInterface to check a VF is down and has no IPs before considering it available
- shared/validate/validate: Adds IsInterfaceName function
- lxd/network/network/utils: Removes validInterfaceName function
- lxd/network/driver: validate.IsInterfaceName usage
- lxd/device/nic: Validate that NIC name property is valid interface name
- lxd/device/nic: Adds nicCheckNamesUnique function
- lxd/device/nic: Updates nicValidationRules to accept a instance.ConfigReader argument and use nicCheckNamesUnique
- lxd/device: nicValidationRules usage
- lxd/device: Return -1 if all VFs are in use
- lxd/device: Support multiple GPUs for SR-IOV
- shared/api/cluster: Architecture is a read-only field
- shared/api: Label Network ACLs structs
- lxd/cluster: Add to swagger
- shared/api: Label Cluster structs
- doc/rest-api: Refresh swagger YAML
- lxd/network/network/utils/sriov: Don't fail when missing vfListPath in sriovGetFreeVFInterface
- lxd/vsock: Better handle errors
- shared/util: Add GetStableRandomInt64FromList
- lxd/db/images: Add AutoUpdate filter
- lxd/db/images: Add helper functions
- docs: typo on JSON schema
- lxd/vsock: Retry timeouts once
- lxd/db: Set nodes.id to auto-increment
- lxd: Add internal endpoints for updates
- lxd/images: Fix auto image updates
- test/suites: Test image refresh in cluster
- lxd/images: Properly spread replicated images
- lxd/migration: Refresh protobuf
- lxd/storage/ceph: Fix ceph.rbd.features
- lxd/cluster/gateway: Expose node is not clustered error
- lxd/cluster/gateway/test: TestGateway_Single ErrNodeIsNotClustered usage
- lxd/patches: Adds db_nodes_autoinc patch
- lxd/storage/drivers/driver/ceph/utils: util.SplitNTrimSpace usage
- shared/util: Removes GetStableRandomInt64FromList and GetStableRandomGenerator from shared pkg
- lxd/util/random: Adds GetStableRandomGenerator and GetStableRandomInt64FromList functions
- lxd/images: util.GetStableRandomInt64FromList usage
- lxd/network/driver/bridge: util.GetStableRandomGenerator usage
- lxd/patches: Update DB tweak for 4.0
- shared/api/netork/acl: Adds missing example doc fields
- test/suites: Fix sed command
- shared/api: Mark most ACL rule fields omitempty
- client/lxd: Don't treat % chars from LXD server response as placeholders in lxdParseResponse
- Doc: fix typo on network type
- doc/rest-api: Refresh swagger YAML
- doc/rest-api: Refresh swagger YAML
- lxd: Unmount image and backup volume on shutdown
- lxd: Fix static analysis
- shared: Remove WriteTempFile
- shared/osarch: Remove dependency on shared package
- shared/osarch: Add SupportedArchitectures
- shared/validate: Add IsArchitecture
- lxd/storage/drivers/generic/vfs: Error quoting in genericVFSVolumeSnapshots
- lxd/storage/drivers/driver/btrfs/volumes: Ensure subvolumes in snapshots are copied during CreateVolumeFromCopy
- lxd/images: Optimize image distribution
- lxd: Properly unmount old image volume
- lxd/instance/qemu: Add 5s QMP timeout
- lxd/storage/drivers/volume: Optimized creation of slice in Snapshots()
- lxd/storage/drivers/volume: Adds SnapshotsMatch function
- lxd/storage/drivers/interface: Updates BackupVolume to take a slice of snapshot names
- lxd/db/instances: Clarifies expected return order of snapshots in GetInstanceSnapshotsWithName
- lxd/storage/backend/lxd: Updates BackupInstance to provide list of snapshot names to b.driver.BackupVolume
- lxd/storage/drivers/generic/vfs: Updates genericVFSBackupVolume to accept a list of snapshot names
- lxd/storage/drivers/driver/btrfs/volumes: Updates BackupVolume to accept a list of snapshot names
- lxd/storage/drivers/driver/ceph/volumes: Updates BackupVolume to accept a list of snapshot names
- lxd/storage/drivers/driver/cephfs/volumes: Updates BackupVolume to accept a list of snapshot names
- lxd/storage/drivers/driver/dir/volumes: Updates BackupVolume to accept a list of snapshot names
- lxd/storage/drivers/driver/lvm/volumes: Updates BackupVolume to accept a list of snapshot names
- lxd/storage/drivers/driver/mock: Updates BackupVolume to accept a list of snapshot names
- lxd/storage/drivers/driver/zfs/volumes: Updates BackupVolume to accept a list of snapshot names
- lxd/storage/drivers: Clarifies ordering of VolumeSnapshots and volume.Snapshots() in comment
- lxd/storage/volumes/snapshot: Use requested project name for operation
- lxd/storage/volumes: Use requested project name for operation
- lxd/operations: Renames project to projectName
- lxd: Renames project to projectName
- clustering: Force config when bootstrapping
- test: Run test_clustering_image_refresh
- test/main: Fix clustering test typo
- test/clustering: Cleanup properly
- test/clustering: s/localhost/public/
- test/clustering: Replace sleep with wait
- test/clustring: Unset LXD_NETNS
- lxd/device/disk: Fallback to using mount device path for major/minor number extraction for BTRFS
- lxd/instance/drivers/driver/lxc: Ensure container is stopped if post start hooks fail
- lxd/instance/drivers/driver/qemu: Adds comment clarifying order of post start hook failure actions
- tests: Don't block on /dev/random
- lxd/db/images: Fix incorrect cached attribute handling
- lxd/images: Improve error logging in autoUpdateImages
- doc: Added a Table of Content in /doc/index.md
- doc: Added "Feature Requests" to Bug Reports section in /doc/index.md
- lxd/patches: Fix typo in patchNetworkClearBridgeVolatileHwaddr
- shared/api/network/acl: Updates example with non-depcared reserved subject
- shared/api/network/acl: Removes reference to default.action in config
- lxd/migrate: Set TrackProgress to
trueto track in-cluster progress information - lxd: Support for in-cluster progress information
- lxd/device/nic/bridged: Check br_netfilter for security.ipv6_filtering loaded before clearing existing rules
- lxd/images: Skip update if image cannot be found
- lxd/db/cluster: Extend list of entities
- lxd/db/cluster: Fix entity URI for images
- lxd/network/network/utils: Updates GetNeighbourIPs to return slice of NeighbourIP struct (with State)
- lxd/device/nic/bridge: Updates State IP neighbour scanning to return valid state neighbours first
- lxd/instance/drivers/driver/lxc: Adds statusCode function and update State to use it
- lxd/instance/drivers/driver/lxc: Adds isRunningStatusCode function and updates IsRunning to use it
- lxd/instance/drivers/driver/lxc: Adds renderState function and updates RenderState to use it
- lxd/instance/drivers/driver/lxc: Updates RenderFull to use d.renderState
- lxd/instance/drivers/driver/lxc: Updates IsFrozen to use d.statusCode()
- lxd/instance/drivers/driver/lxc: Updates Render to use d.statusCode
- lxd/instance/drivers/driver/lxc: Updates RenderState to use statusCode
- lxd/instance/drivers/driver/qemu: Updates RenderState to use d.isRunningStatusCode
- lxd/instance/drivers/driver/qemu: Updates IsRunning to use d.isRunningStatusCode
- lxd/instance/drivers/driver/qemu: Updates IsFrozen to use d.statusCode
- lxd/instance/drivers/driver/qemu: Reduce calls to statusCode in Render
- lxd/instance/drivers/driver/qemu: Updates RenderFull to use d.renderState
- lxd/instance/drivers/driver/qemu: Adds renderState and updates RenderState to use it
- lxd/instances: Removes check for invalid state BROKEN in instancesShutdown
- lxc/action: Allow --console with stop action.
- i18n: Update translation templates
- shared/api: Label Operation structs
- lxd/operations: Add to swagger
- doc/rest-api: Refresh swagger YAML
- Makefile: Set GO111MODULE=off
- doc/rest-api: Refresh swagger YAML
- lxd/operations: Cover public endpoints
- shared/api: Fix cluster labeling
- lxd: Add project arguments to swagger
- lxd/swagger: Add background operations
- shared/api: Label Image structs
- lxd/images: Add to swagger
- doc/rest-api: Refresh swagger YAML
- lxd/instance/qemu: Disable net vectors on ccw
- lxc/list: Handle dots in device keys
- lxd/network/driver/bridge: Error quoting
- lxd/device: Ensure type field in NetworkInterface is specified first for liblxc
- lxd/storage/drivers/driver/ceph/volumes: Don't ignore unmount/unmap failures in DeleteVolume
- lxd/images: Remove images backed by remote storage
- lxd/db: Renames isRemoteStorage to IsRemoteStorage
- Merge pull request #8620 from tomponline/tp-storage-ceph-stable-4.0
- Revert "doc: Added a Table of Content in /doc/index.md"
- lxd/device/gpu_mdev: Simplify start logic
- lxd/device/gpu_mdev: Support mdev on top of SR-IOV
- lxc/list: Rename state to inst
- lxc/list: Cleanup comments
- lxc/list_test: Rename state to inst
- lxc/info: Sort the mdev profiles
- lxc-to-lxd: Fix test (type always goes first)
- test/suites/clustering: Retry removing node from database in test_clustering_remove_raft_node
- lxd/gpu/physical: Fix compute-only passthrough
- doc/instances: Mark mdev field as required
- lxd/db/profiles: Cleanup arg names and errors in GetProfiles
- lxd/api/internal: Adds internalImportRootDevicePopulate function
- lxd/api/internal/test: Add tests for internalImportRootDevicePopulate
- lxd/api/internal: Updates internalImport to use internalImportRootDevicePopulate
- lxd/storage/errors: Removes ErrNotImplemented
- lxd/storage/load: Return drivers.ErrNotSupported in GetPoolByInstance when storage pool doesn't support instance type
- lxd/storage/backend/lxd: drivers.ErrNotImplemented usage
- lxd/storage/backend/mock: drivers.ErrNotImplemented usage
- lxd/instance/drivers/driver/lxc: Check pool supports instance type in lxcCreate
- lxd/instance/drivers/driver/qemu: Check pool supports instance type in qemuCreate
- lxd/instance/drivers/driver/lxc: Use errors.Cause
- lxd/instance/drivers/driver/qemu: Use errors.Cause
- lxd/instance/drivers: Clearer pool load failure message
- lxd/backup: Clearer pool load failure message
- lxd/instance: Add revert package usage
- lxd/instance: Clearer error messages
- lxd/migrate/instance: storageDrivers.ErrNotImplemented usage
- test/suites/backup: Add tests for checking lxd import profile root disk support
- lxd/storage/backend/lxd: Check custom volume type is supported by storage pool
- cluster: Larger Timeout to find leader
- lxd/firewall/firewall/interface: Add NetworkSetup and remove feature specific network setup functions
- lxd/firewall/drivers/driver/consts: Add network firewall Opts
- lxd/firewall/drivers/drivers/nftables: Implement NetworkSetup and unexport per-feature setup functions
- lxd/firewall/drivers/drivers/xtables: Implement NetworkSetup and unexport per-feature setup functions
- lxd/network/driver/bridge: Switch to n.state.Firewall.NetworkSetup usage
- doc/instance: Fix escaping
- lxd/device/gpu: Add NVIDIA MIG support
- doc/instances: Add GPU MIG
- api: gpu_mig extension
- lxd/project: Add skipUnset
- lxd/project: Refactor instance counting
- shared/api: Add ProjectState
- client: Add GetProjectState
- client: Fixes GetContainerLogfiles and GetInstanceLogfiles
- lxd/firewall/drivers/drivers/xtables: errors.Wrapf usage
- lxd/firewall/drivers/drivers/xtables: Removes unused args from generateFilterIptablesRules
- lxd/firewall/drivers/drivers/xtables: Adds iptablesChainCreate and iptablesChainExists functions
- lxd/firewall/drivers/drivers/xtables: Moves NIC level security filtering rules into own chain
- shared/validate: Allow uppercase letters in PCI addresses
- shared/validate: Update unit tests for PCI addresses
- lxd/instance/drivers: Restrict virtiofs to Intel architectures
- lxd/device/disk: Restrict virtiofs to x86_64
- lxd/cluster: Don't copy all images on startup
- tests: Disable test_clustering_image_replication
- lxd/task: Add Hourly convenience function
- lxd/firewall/firewall/interface: Adds delete and ipVersions slice args to NetworkClear
- lxd/network/driver/bridge: n.state.Firewall.NetworkClear usage in setup
- lxd/network/driver/bridge: firewall setup debug logging
- lxd/network/driver/bridge: n.state.Firewall.NetworkClear usage in Stop
- lxd/firewall/drivers/drivers/nftables: NetworkClear updated with new arguments
- lxd/firewall/drivers/drivers/xtables: Updates networkSetupNICFilteringChain to use network-specific chain
- lxd/firewall/drivers/drivers/xtables: Updates generateFilterIptablesRules to use network-specific chain
- lxd/firewall/drivers/drivers/xtables: No need to use LookPath in iptablesChainCreate
- lxd/firewall/drivers/drivers/xtables: Adds iptablesChainDelete function
- lxd/firewall/drivers/drivers/xtables: NetworkClear updated to add new arguments
- lxd/instance: Move NextSnapshotName
- lxd/operations: Fix possible NPE
- shared/validate: Add IsCron validator
- lxd/storage/drivers/driver/zfs/volumes: Only mount instance filesystem volumes in postHook for CreateVolumeFromBackup
- lxd/operations: Don't wait for tokens
- lxd/images: Run autoSyncImagesTask hourly
- lxd/db/images: Add GetImages
- lxd/images: Retrieve all images on sync
- lxd/images: Use CopyImage() in autoSyncImages
- lxd/daemon: Fix comment about autoSyncImages
- lxd: Sync images on cluster node removal
- lxd: Sync images when cluster.images_minimal_replica changes
- tests: Re-enable image replication tests
- lxd: Sync images on cluster node join
- lxd/images: Pick a random source node for replication
- lxd/operations: Export OperationClass type
- lxd/firewwall/drivers/drivers/nftables: Changes nftables to use a single inet table rather than separate ip and ip6 tables
- client: Fix copy of VM snapshots
- test: Updates proxy tests to check nftables inet table
- tests: Fix failure on 5.11 kernel
- lxd/firewall/drivers/drivers/xtables: Don't check for existing rule in iptablesAdd
- lxd/firewall/drivers/drivers/xtables: Updates d.iptablesChainExists to return if chain has any rules
- shared/validate/validate: Check IsNetworkPortRange range starts lower than end
- forkexec: log more failures
- Revert "lxd/firewall/drivers/drivers/xtables: Don't check for existing rule in iptablesAdd"
- lxd/daemon/images: Adds imageDownloadLock function
- lxd/daemon/images: Use d.imageDownloadLock in ImageDownload
- lxd/daemon/images: Improve error messages in ImageDownload
- lxd/instance: Improve error messages in instanceCreateFromImage
- lxd/instance: Use d.imageDownloadLock in instanceCreateFromImage
- lxd/firewall/drivers/drivers/xtables: Only add multiple instance <> instance NAT rules for proxy if connect port range used in InstanceSetupProxyNAT
- lxd/firewall/drivers/drivers/xtables: Don't look for existing rules in iptablesAdd
- lxd/firewall/drivers/drivers/nftables: Only add multiple instance <> instance NAT rules for proxy if connect port range used in InstanceSetupProxyNAT
- lxd/networks: Updates doNetworksCreate to skip network validation during pre-join phase
- lxd/instance: Drop unused function
- lxd/project: Only consider syscall interception as low-level
- lxd/instance: Fix stable-4.0 build
- shared/simplestreams: Improve error messages
- lxd/daemon/images: Improve error messages
- client/simplestreams/images: Improve error messages
- test/godeps.list: Adds github.com/pkg/errors
- lxd: don't set device cgroup values for unpriv containers
- lxd/storage: Re-introduce cluster distributino of volume snapshots
- lxc/remote: Only update URL in set-url
- lxd/instance/drivers: Don't overwrite template triggers
- lxd/daemon/images: Removes unnecessary imagesDownloadingLock mutex
- lxc: Fix help for string arguments
- tests: Fix apply_template check
- lxd/cluster/membership: Updates Bootstrap to generate new cluster certificate
- lxd/util/encryption: Comment on LoadCert
- lxd/util/encryption: Adds LoadClusterCert function
- test: load cluster.crt not server.crt when bootstrapping a cluster
- lxc-to-lxd: Fix TestConvertNetworkConfig loopback only test
- lxd/db: Add cluster ToAPI
- lxd: Switch to using GetNodes
- lxd/cluster: Drop List function
- tests: Update for current cluster messages
- lxd/lxd: Prevent multiple routed NIC devices from using "auto" gateway mode
- lxd/db: Add node ID to StorageVolumeArgs
- doc: Add aliases to snapshots.schedule
- api: snapshots_schedule_aliases
- lxd/util: Rework random functions
- lxd/snapshot: Add snapshot aliases
- lxd: Use snapshot aliases
- lxd/instance: Add startup snapshot
- shared/validate: Add IsCron validator
- tests: Add snapshot scheduling
- lxd/storage/volumes/snapshots: Updates autoCreateCustomVolumeSnapshotsTask to always snapshot local custom volumes
- lxd/storage/volumes/snapshots: Update autoCreateCustomVolumeSnapshots return value
- lxd/storage/volumes/snapshots: Adds comments to autoCreateCustomVolumeSnapshots
- lxd: Move image-refresh to /internal/testing/
- test/suites: Use /internal/testing/image-refresh
- lxc/storage_volume: Properly use cluster target
- lxc/storage_volume: Add missing target
- vm/qemu: configure spice using -spice parameter
- lxd/storage_volume_snapshots: Fix cluster redirection
- lxd/db/storage: Properly increment snapshots
- lxd/storage_pools: Fix ordering of pool delete
- lxd/endpoint: Retry binding on startup
- lxd/instance/qemu: Move to query-cpus-fast
- shared/api/certificate: Adds certificate type constants
- lxd/db/certificates: Adds CertificateAPITypeToDBType and ToAPIType functions
- lxd/db/certificates: Comment on Certificate
- lxc: Switch to CertificateTypeClient constant
- lxd: Switch to CertificateTypeClient constant
- lxd-p2c/utils: Switch to CertificateTypeClient constant
- lxd/util/encryption: Adds LoadServerCert function
- lxd/certificates: updateCertificateCache error quoting consistency
- lxd/network/driver/bridge: Don't attempt to setup ipv6 firewall when no ipv6.address
- lxd/swagger: Add NotFound response
- lxd/certificates: Store certificateCache by certificate type
- lxd/certificates: db.CertificateAPITypeToDBType usage and set certificate type to server
- lxd/certificates: Comment ending consistency
- lxd/daemon: Adds getTrustedCertificates function
- lxd/daemon: Update Authenticate to use d.getTrusterCertificates
- lxd/daemon: Comment ending consistency in Authenticate
- lxd/snapshots: Fix multiple schedules
- lxd/images: Ignore intervals on manual refreshes
- shared/api: Add warning structs
- client: Add warning functions
- lxd/db: Fix typo in error
- lxd/util/http: Fix CheckTrustState to block access for revoked certificates that were formerly trusted
- lxd/certificates: Adds comment about the importance of a check related to CA mode in certificatesPost
- test: Remove trusted remote before checking adding untrusted remote
- test: Don't use CA PKI generated server certs for LXD
- test/deps: Removes alternative pre-generated server cert and key
- test: Remove LXD_ALT_CERT
- test: Update PKI tests to comply with expectations of revocation behaviour
- Revert "lxd/instance/qemu: Move to query-cpus-fast"
- lxd/firewall/drivers/drivers/nftables: Require kernel version >= 5.2 to allow support for inet table NAT rules
- lxd/ip: Add ip package
- lxd/device: Replace ip command with ip package
- lxd: Replace ip command with ip package
- lxd/network: Replace ip command with ip package
- tests: Add ip package to static_analysis test
試用環境 ¶
この新しい LXD リリースは私たちの デモサービス で利用できます。
ダウンロード ¶
このリリースの tarball は ダウンロードページ から取得できます。
ビルド済みバイナリーは次のように使えます:
- Linux: snap install lxd
- MacOS: brew install lxc
- Windows: choco install lxc
LXD 4.13 リリースのお知らせ ¶
10th of April 2021
はじめに ¶
LXD チームは LXD 4.13 のリリースをお知らせできることにとてもワクワクしています!
このリリースでは、プロジェクトのリソース使用量の確認、NVIDIA MIG サポート、スナップショットのスケジュールのエイリアス、デフォルトのクラスターアーキテクチャーの指定、多数の CLI ツールの改良を含む、多数のエキサイティングな新機能が含まれています。
Enjoy!
新機能とハイライト ¶
lxc list でのインスタンスのフィルタリング ¶
lxc list で key=value 形式のフィルタとして指定できるオプションが追加されました。
- type= (コンテナ or 仮想マシン)
- status= (running, frozen, stopped or broken)
- architecture= (有効なアーキテクチャー名)
- location= (クラスターのサーバー名)
- ipv4= (アドレスまたはCIDR)
- ipv6= (アドレスまたはCIDR)
IPv6 の CIDR でフィルタリングを行っている例です:
stgraber@penguin:~$ lxc list ipv6=2001:470:b368::/48 +----------+---------+-----------------------+----------------------------------------------+-----------------+-----------+----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | LOCATION | +----------+---------+-----------------------+----------------------------------------------+-----------------+-----------+----------+ | buildd01 | RUNNING | 10.232.117.1 (lxdbr0) | 2602:fd23:8:1005:216:3eff:fe19:fd6e (enp5s0) | VIRTUAL-MACHINE | 7 | abydos | | | | | 2001:470:b368:4242::1 (lxdbr0) | | | | +----------+---------+-----------------------+----------------------------------------------+-----------------+-----------+----------+ | buildd02 | RUNNING | 10.181.173.1 (lxdbr0) | 2602:fd23:8:1005:216:3eff:fec8:841b (enp5s0) | VIRTUAL-MACHINE | 8 | langara | | | | | 2001:470:b368:4242::1 (lxdbr0) | | | | +----------+---------+-----------------------+----------------------------------------------+-----------------+-----------+----------+ | buildd03 | RUNNING | 10.232.46.1 (lxdbr0) | 2602:fd23:8:1005:216:3eff:fe67:f919 (enp5s0) | VIRTUAL-MACHINE | 7 | orilla | | | | | 2001:470:b368:4242::1 (lxdbr0) | | | | +----------+---------+-----------------------+----------------------------------------------+-----------------+-----------+----------+
コンテナでの NVIDIA MIG サポート ¶
新しい GPU タイプとして NVIDIA Multi-Instance GPU のサポートを導入しました。 この機能をサポートするシステム上で、あらかじめ作成した MIG コンピュートインスタンスを LXD コンテナに与えられるようになりました。
これは gpu デバイスタイプで mig gputype を指定することで使えます。
lxc config device add c1 gpu0 gpu gputype=mig mig.gi=5 mig.ci=1 pci=09:00.0
この例では、アドレス 09:00.0 の GPU の GPU インスタンス 5 のコンピュートインスタンス 1 が使われます。
関連する値はすべて、MIG インスタンスを作成したあと、nvidia-smi から見つけられます。
システムワイドなリモート設定 ¶
lxc コマンドラインツールが /etc/lxd/ を設定のソースとして見るようになりました。
ここに置かれた config.yaml はユーザー自身の設定とマージされます。
これにより、LXD のリモートに関する設定をシステムワイドに行なえます。サーバー証明書も同様に /etc/lxd/servercerts/ に置けます。
注意: この設定は snap をお使いのユーザーではまだ有効にはなりません。すぐに snap 向けの設定を行い、グローバル設定を /var/snap/lxd/common 内に置けるようにする予定です。
プロジェクトのリソース使用量の確認 ¶
リソース制限が設定されているプロジェクトでは、制限と現在のリソース消費の概要が確認できるようになりました。消費の状況は制限が設定されている場合のみ正確に表示されます。
stgraber@penguin:~$ lxc project info nsec +------------------+-----------+---------+ | RESOURCE | LIMIT | USAGE | +------------------+-----------+---------+ | CONTAINERS | UNLIMITED | 3 | +------------------+-----------+---------+ | CPU | 4 | 3 | +------------------+-----------+---------+ | DISK | 53.69GB | 33.29GB | +------------------+-----------+---------+ | INSTANCES | UNLIMITED | 3 | +------------------+-----------+---------+ | MEMORY | 4.29GB | 3.22GB | +------------------+-----------+---------+ | NETWORKS | 10 | 1 | +------------------+-----------+---------+ | PROCESSES | 100000 | 30000 | +------------------+-----------+---------+ | VIRTUAL-MACHINES | UNLIMITED | 0 | +------------------+-----------+---------+
スナップショットのスケジュール設定のエイリアス ¶
LXDは、インスタンスとカスタムストレージボリュームの両方について、スナップショットの自動スケジューリングをサポートしています。これはsnapshots.scheduleという設定オプションを使って設定します。
cron 形式での設定に加えて、次のエイリアスでも設定できるようになりました:
@hourly@daily@midnight@weekly@monthly@annually@yearly
また、インスタンスの場合に限り、追加の @startup という設定が存在し、インスタンスが起動、再起動するごとにスナップショットを実行できます。
cronパターンと比較した場合のエイリアスのもう一つの利点は、それらが時間的にランダムに分散されることです。つまり、@daily はすべてのインスタンスやストレージボリュームで同時にトリガーされることはありませんが、特定のインスタンスやストレージボリュームについては同時にトリガーされます。
マルチアーキテクチャーで設定されている場合の images.default_architecture ¶
マルチアーキテクチャーのクラスターを運用している場合、特定のターゲットを指定せず、複数アーキテクチャーで使用できるイメージを使用してインスタンスを起動すると、LXD はアーキテクチャに関わらず、すべてのサーバーのうちもっともビジーでないサーバーを見つけて、そこでインスタンスを作成します。
ほとんどのマルチアーキテクチャークラスターはメインのアーキテクチャー(x86_64 であることが多い)と、メインのアーキテクチャーより容量の少ないあまり一般的ではないアーキテクチャー(aarch64, ppc64le, s390x, ...)を持っていることが多いので、これはあまり望ましい動作ではありません。ですので、LXD がこれらを等しく扱い、インスタンスを全体に分散させるだけではかなり混乱してしまいます。
新たな設定オプションである images.default_architecture には、イメージが単一アーキテクチャー固有ではない場合に使用するアーキテクチャー名を設定できます。
例えば、マルチアーキテクチャークラスターでは次のようになります:
lxc config set images.default_architecture x86_64 lxc launch images:ubuntu/20.04 c1
この例では x86_64 アーキテクチャーのインスタンスがデプロイされます。そして、次のように使うと:
lxc launch images:ubuntu/20.04/arm64 c1
明示的に aarch64 イメージを指定すると、aarch64 イメージを実行できるクラスターサーバーが選択されます(訳注: 例は arm64 になってますが、aarch64 の Ubuntu での arch が arm64 です)。
lxc project list, lxc profile list, lxc storage list の新しい DESCRIPTION カラム ¶
この変更で、ほぼすべてのトップレベルのリストコマンドで description 属性を表示するようになりました。次のようなコマンドで同じように利用できます:
- lxc profile list
- lxc image list
- lxc project list
- lxc storage list
- lxc network list
これは、lxc list ではデフォルトでは表示されません。これは横方向のスペースがないためですが、設定できるカラムの1つですので有効にもできます。
ネットワーク ACL のデフォルトアクションの処理を見直しました ¶
最近導入されたネットワーク ACL は、ACL レベルで default.action と default.logged というオプションが設定できました。これは、1つのインスタンスに多くの ACL が適用できるため、これらの設定キーを混乱させる悪い設計でした。
結果的に、この 2 つの設定キーを ACL 設定から完全に削除し、代わりにインスタンスのネットワークデバイスやネットワークを直接設定できる設定を導入しました。
新しい設定キーは次のとおりです:
security.acls.default.egress.actionsecurity.acls.default.egress.loggedsecurity.acls.default.ingress.actionsecurity.acls.default.ingress.logged
また、これは内向き(ingress)と外向き(egress)の通信を分離することにより、ブロックする内向きの通信を静かに無視したまま、ブロックされた外向きのトラフィックをログに記録することが容易になります。
lxc stop コマンドの --console オプション ¶
lxc start、lxc restartに加えて、lxc stopで--consoleオプションが使えるようになりました。
これを使って、インスタンスがシャットダウンのシグナルを受け取った瞬間、インスタンスのコンソールに接続できます。 これは、シャットダウンシーケンスを観察したり、シャットダウン時のエラーを見つける際に便利です。
自動生成の REST-API ドキュメントの追加 ¶
/1.0/instancesと /1.0/storage-poolsを除くすべてが、Swagger API ファイルでカバーされるようになりました。これで LXD API とやりとりするすべてのパラメーターと方法をカバーしているはずです。
仮に出力したものがこちらにあります: https://dl.stgraber.org/swag-lxd/
すべての変更点(翻訳なし)¶
このリリースでの完全な変更点のリストは次のとおりです:
- lxd/migration: Refresh protobuf
- lxd/storage/ceph: Fix ceph.rbd.features
- lxd/cluster/gateway: Expose node is not clustered error
- lxd/cluster/gateway/test: TestGateway_Single ErrNodeIsNotClustered usage
- lxd/patches: Adds db_nodes_autoinc patch
- lxd/storage/drivers/driver/ceph/utils: util.SplitNTrimSpace usage
- lxd/network/openvswitch/ovs: Adds TCP flag constants
- lxd/network/acl/acl/ovn: Switches to openvswitch TCP flag constants in OVNApplyNetworkBaselineRules
- shared/util: Removes GetStableRandomInt64FromList and GetStableRandomGenerator from shared pkg
- lxd/util/random: Adds GetStableRandomGenerator and GetStableRandomInt64FromList functions
- lxd/images: util.GetStableRandomInt64FromList usage
- lxd/network/driver/bridge: util.GetStableRandomGenerator usage
- lxd/network/driver/ovn: util.GetStableRandomGenerator usage
- lxd/storage/volumes/snapshot: util.GetStableRandomInt64FromList usage
- test: Run test_clustering_image_refresh
- shared/api/netork/acl: Adds missing example doc fields
- lxc/network/acl: Update field examples
- i18n: Update translation template
- lxd/network/acl/acl/load: Fix UsedBy with project profiles
- test/suites: Fix sed command
- shared/api: Mark most ACL rule fields omitempty
- Fix typo in doc/projects.md, replace images with backups
- Fix a typo in rest-api.md for renaming a network ACL
- client/lxd: Don't treat % chars from LXD server response as placeholders in lxdParseResponse
- doc/network/acls: Changes reserved subject names
- lxd/network/acl/acl/ovn: Handles deprecated aliases for subjects
- shared/api/network/acl: Updates example with non-depcared reserved subject
- lxd/network/acl/driver/common: Deprecates #internal and #external subjects and replaces them with @internal and @external
- Doc: fix typo on network type
- doc/rest-api: Refresh swagger YAML
- doc/rest-api: Refresh swagger YAML
- lxd: Unmount image and backup volume on shutdown
- lxd: Fix static analysis
- shared: Remove WriteTempFile
- shared/osarch: Remove dependency on shared package
- shared/osarch: Add SupportedArchitectures
- shared/validate: Add IsArchitecture
- lxd/project: Add images.default_architecture
- lxd/cluster: Add images.default_architecture
- lxd/db: Support images.default_architecture
- lxd: Support images.default_architecture
- doc: Add images.default_architecture
- api: images_default_architecture
- lxd/network/driver/ovn: Adds n.ensureNetworkPortGroup and use it in setup() and Start()
- lxd/network/driver/ovn: Clarifies comment
- lxd/storage/drivers/generic/vfs: Error quoting in genericVFSVolumeSnapshots
- lxd/storage/drivers/driver/btrfs/volumes: Ensure subvolumes in snapshots are copied during CreateVolumeFromCopy
- lxd/images: Optimize image distribution
- lxd: Properly unmount old image volume
- lxd/network/acl/acl/ovn: Ensure to parenthesised || when used with && in rule match
- lxd/instance/qemu: Add 5s QMP timeout
- lxd/storage/drivers/volume: Optimized creation of slice in Snapshots()
- lxd/storage/drivers/volume: Adds SnapshotsMatch function
- lxd/storage/drivers/interface: Updates BackupVolume to take a slice of snapshot names
- lxd/db/instances: Clarifies expected return order of snapshots in GetInstanceSnapshotsWithName
- lxd/storage/backend/lxd: Updates BackupInstance to provide list of snapshot names to b.driver.BackupVolume
- lxd/storage/backend/lxd: Updates BackupCustomVolume to provide list of snapshot names to b.driver.BackupVolume
- lxd/storage/drivers/generic/vfs: Updates genericVFSBackupVolume to accept a list of snapshot names
- lxd/storage/drivers/driver/btrfs/volumes: Updates BackupVolume to accept a list of snapshot names
- lxd/storage/drivers/driver/ceph/volumes: Updates BackupVolume to accept a list of snapshot names
- lxd/storage/drivers/driver/cephfs/volumes: Updates BackupVolume to accept a list of snapshot names
- lxd/storage/drivers/driver/dir/volumes: Updates BackupVolume to accept a list of snapshot names
- lxd/storage/drivers/driver/lvm/volumes: Updates BackupVolume to accept a list of snapshot names
- lxd/storage/drivers/driver/mock: Updates BackupVolume to accept a list of snapshot names
- lxd/storage/drivers/driver/zfs/volumes: Updates BackupVolume to accept a list of snapshot names
- lxd/storage/drivers: Clarifies ordering of VolumeSnapshots and volume.Snapshots() in comment
- lxd/storage/volumes/backup: Use requested project name for operation
- lxd/storage/volumes/snapshot: Use requested project name for operation
- lxd/storage/volumes: Use requested project name for operation
- lxd/operations: Renames project to projectName
- lxd: Renames project to projectName
- clustering: Force config when bootstrapping
- lxd/network/openvswitch/ovn: Work around ovn-nbctl NAT bugs in LogicalRouterDNATSNATAdd
- lxd/network/openvswitch/ovn: Use same technique as LogicalRouterDNATSNATAdd when mayExist is true
- lxd/network/openvswitch/ovn: Merge LogicalSwitchPortAdd and LogicalSwitchPortSet
- lxd/network/driver/ovn: client.LogicalSwitchPortAdd usage
- lxd/network/openvswitch/ovn: Reduce ovn-nbctl calls in LogicalSwitchPortDeleteDNS
- lxd/network/openvswitch/ovn: Reduce calls to ovn-nbctl in LogicalSwitchPortLinkRouter
- lxd/network/openvswitch/ovn: Reduce calls to ovn-nbctl in LogicalSwitchPortLinkProviderNetwork
- lxd/network/openvswitch/ovn: Updates LogicalRouterDNATSNATDelete to support removing multiple entries in single call
- lxd/network/driver/ovn: Updates InstanceDevicePortDelete to always attempt to remove its IPs from DNAT entries
- lxd/network/openvswitch/ovn: Updates LogicalRouterRouteDelete to support removing multiple routes
- lxd/network/driver/ovn: LogicalRouterRouteDelete usage to reduce ovn-nbctl calls
- lxc/network_acl: Fix example
- i18n: Update translation templates
- lxc/project: Show description
- lxc/profile: Add description column
- lxc/storage: Add description column
- doc: improve wording of network ACLs
- doc/instances: Adds ipv4.routes and ipv6.routes for OVN NICs
- test/main: Fix clustering test typo
- test/clustering: Cleanup properly
- test/clustering: s/localhost/public/
- test/clustering: Replace sleep with wait
- test/clustring: Unset LXD_NETNS
- lxd/device/disk: Fallback to using mount device path for major/minor number extraction for BTRFS
- lxd/instance/drivers/driver/lxc: Ensure container is stopped if post start hooks fail
- lxd/instance/drivers/driver/qemu: Adds comment clarifying order of post start hook failure actions
- lxd/network/openvswitch/ovn: Adds LogicalSwitchPorts function
- lxd/network/driver/ovn: Use client.LogicalSwitchPorts in handleDependencyChange and Update
- tests: Don't block on /dev/random
- lxd/network/acl/acl/ovn: Removes unused state arg from ovnApplyToPortGroup
- lxd/network/driver/ovn: Improved comment in InstanceDevicePortAdd
- lxd/db/images: Fix incorrect cached attribute handling
- lxd/images: Improve error logging in autoUpdateImages
- doc: Added a Table of Content in /doc/index.md
- doc: Added "Feature Requests" to Bug Reports section in /doc/index.md
- lxd/patches: Fix typo in patchNetworkClearBridgeVolatileHwaddr
- lxd/patches: Adds patchNetworkACLRemoveDefaults to remove ACL default.action and default.logged keys
- doc/network-acls: Removes references to default.action and default.logged
- shared/api/network/acl: Removes reference to default.action in config
- lxd/network/acl/acl/ovn: Removes default.action and default.logged behavior
- lxd/network/acl/driver/common: Removes references to default.action and default.logged in config validation
- doc/rest-api: Refresh swagger YAML
- lxd/network/driver/ovn: Renames instance device structs to OVNInstanceNICSetupOpts and OVNInstanceNICStopOpts
- lxd/network/driver/ovn: Renames InstanceDevicePortConfigParse to instanceDevicePortRoutesParse
- lxd/network/driver/ovn: Renames InstanceDevicePortAdd to InstanceDevicePortSetup
- lxd/network/driver/ovn: Updates InstanceDevicePortDelete to accept OVNInstanceNICStopOpts
- lxd/network/driver/ovn: Updates handleDependencyChange to use n.InstanceDevicePortSetup
- lxd/device/nic/ovn: Updates ovnNet interface
- lxd/device/nic/ovn: d.network.InstanceDevicePortSetup and d.network.InstanceDevicePortDelete usage in Start()
- lxd/device/nic/ovn: d.network.InstanceDevicePortSetup usage in Update()
- lxd/device/nic/ovn: d.network.InstanceDevicePortDelete usage in Stop()
- lxd/network/acl/driver/common: Export ValidActions for network and NIC validation
- lxd/device/nic: Add support for validating security.acls.default.{in,e}gress.{action,logged} config keys
- lxd/device/nic/ovn: Validates security.acls.default.{in,e}gress.{action,logged} config keys
- doc/networks: Adds security.acls.default.{in,e}gress.{action,logged} keys to ovn network
- doc/instances: Adds security.acls.default.{in,e}gress.{action,logged} keys to OVN NIC
- api: Adds network_ovn_acl_defaults extension
- lxd/network/openvswitch/ovn: space trimming cleanup
- lxd/network/openvswitch/ovn: Renames setACLRules to aclRuleAddAppendArgs
- lxd/network/openvswitch/ovn: Updates LogicalSwitchSetACLRules to use o.aclRuleAddAppendArgs
- lxd/network/openvswitch/ovn: Updates PortGroupSetACLRules to use o.aclRuleAddAppendArgs
- lxd/network/openvswitch/ovn: Adds logicalSwitchPortACLRules function
- lxd/network/openvswitch/ovn: Updates LogicalSwitchPortDeleteDNS to use o.logicalSwitchPortDeleteDNSAppendArgs
- lxd/network/openvswitch/ovn: Adds logicalSwitchPortDeleteAppendArgs function
- lxd/network/openvswitch/ovn: Updates LogicalSwitchPortDelete to use o.logicalSwitchPortDeleteAppendArgs
- lxd/network/openvswitch/ovn: Adds LogicalSwitchPortCleanup function
- lxd/network/openvswitch/ovn: Adds aclRuleDeleteAppendArgs, PortGroupPortSetACLRules and PortGroupPortClearACLRules functions
- lxd/network/acl/acl/ovn: Renames ovnACLPriorityPortGroupDefaultReject to ovnACLPriorityPortGroupDefaultAction
- lxd/network/acl/acl/ovn: Adds OVNApplyInstanceNICDefaultRules function
- lxd/network/acl/acl/ovn: ovnApplyToPortGroup change default action to drop
- lxd/network/driver/ovn: Error improvement
- lxd/network/driver/ovn: Updates InstanceDevicePortSetup to setup NIC port default ACL rules
- lxd/network/driver/ovn: Updates InstanceDevicePortDelete to use LogicalSwitchPortCleanup
- lxd/network/driver/ovn: Adds security.acls.default.{in,e}gress.{action,logged} config key validation
- lxd/network/driver/ovn: Adds default rule config change detection to Update
- lxd/migrate: Set TrackProgress to
trueto track in-cluster progress information - lxd: Support for in-cluster progress information
- lxc/move: Support for in-cluster progress information
- lxd/device/nic/bridged: Check br_netfilter for security.ipv6_filtering loaded before clearing existing rules
- lxd/device/nic/ovn: Typo in comment
- lxd/network/openvswitch/ovn: Removes LogicalSwitchDHCPOptionsGetID
- lxd/network/driver/ovn: Use client.LogicalSwitchDHCPOptionsGet in InstanceDevicePortSetup
- lxd/network/openvswitch/ovn: Simplify LogicalSwitchDHCPOptionsDelete and make more efficient
- lxd/network/openvswitch/ovn: Use more efficient o.LogicalSwitchDHCPOptionsDelete in LogicalSwitchDelete
- lxd/network/openvswitch/ovn: Makes logicalSwitchDNSRecordsDelete more efficient
- lxd/images: Skip update if image cannot be found
- lxc/move: Support for quietFlag for in-cluster instance move
- lxd/db/cluster: Extend list of entities
- lxd/db/cluster: Fix entity URI for images
- lxd/network/network/utils: Updates GetNeighbourIPs to return slice of NeighbourIP struct (with State)
- lxd/device/nic/bridge: Updates State IP neighbour scanning to return valid state neighbours first
- lxd/instance/drivers/driver/lxc: Adds statusCode function and update State to use it
- lxd/instance/drivers/driver/lxc: Adds isRunningStatusCode function and updates IsRunning to use it
- lxd/instance/drivers/driver/lxc: Adds renderState function and updates RenderState to use it
- lxd/instance/drivers/driver/lxc: Updates RenderFull to use d.renderState
- lxd/instance/drivers/driver/lxc: Updates IsFrozen to use d.statusCode()
- lxd/instance/drivers/driver/lxc: Updates Render to use d.statusCode
- lxd/instance/drivers/driver/lxc: Updates RenderState to use statusCode
- lxd/instance/drivers/driver/qemu: Updates RenderState to use d.isRunningStatusCode
- lxd/instance/drivers/driver/qemu: Updates IsRunning to use d.isRunningStatusCode
- lxd/instance/drivers/driver/qemu: Updates IsFrozen to use d.statusCode
- lxd/instance/drivers/driver/qemu: Reduce calls to statusCode in Render
- lxd/instance/drivers/driver/qemu: Updates RenderFull to use d.renderState
- lxd/instance/drivers/driver/qemu: Adds renderState and updates RenderState to use it
- lxd/instances: Removes check for invalid state BROKEN in instancesShutdown
- lxc/action: Allow --console with stop action.
- i18n: Update translation templates
- shared/api: Label Operation structs
- lxd/operations: Add to swagger
- doc/rest-api: Refresh swagger YAML
- Makefile: Set GO111MODULE=off
- lxd/operations: Cover public endpoints
- shared/api: Fix cluster labeling
- lxd: Add project arguments to swagger
- lxd/swagger: Add background operations
- shared/api: Label Image structs
- lxd/images: Add to swagger
- doc/rest-api: Refresh swagger YAML
- lxd/instance/qemu: Disable net vectors on ccw
- lxc/list: Handle dots in device keys
- lxd/device/nic/bridged: Comment typo
- lxd/network/driver/bridge: Error quoting
- lxc/network/acl: Allow output of lxc network acl show to be used as input to lxc network acl edit
- lxd/device: Ensure type field in NetworkInterface is specified first for liblxc
- lxc/list: Add more instance filters
- i18n: Update translation templates
- Revert "doc: Added a Table of Content in /doc/index.md"
- lxd/device/gpu_mdev: Simplify start logic
- lxd/device/gpu_mdev: Support mdev on top of SR-IOV
- lxc/list: Remove name filter
- lxc/list: Rename state to inst
- lxc/list: Cleanup comments
- lxc/list: Pass state to filters
- lxc/list: ipv4/ipv6 filters apply to state
- lxc/list: Optimize filtering
- lxc/list_test: Rename state to inst
- lxc/list_test: Fix function signature
- lxc/list_test: Fix name filter
- lxc/list_test: Add state testing
- i18n: Update translation templates
- lxc/config: Add system-wide remotes
- lxc/remote: Add system-wide remotes
- lxc/info: Sort the mdev profiles
- lxc-to-lxd: Fix test (type always goes first)
- lxd/storage/drivers/driver/ceph/volumes: Don't ignore unmount/unmap failures in DeleteVolume
- doc: Remotes documentation
- i18n: Update translation templates
- test/suites/clustering: Retry removing node from database in test_clustering_remove_raft_node
- lxd/gpu/physical: Fix compute-only passthrough
- doc/instances: Mark mdev field as required
- lxd/db/profiles: Cleanup arg names and errors in GetProfiles
- lxd/api/internal: Adds internalImportRootDevicePopulate function
- lxd/api/internal/test: Add tests for internalImportRootDevicePopulate
- lxd/api/internal: Updates internalImport to use internalImportRootDevicePopulate
- lxd/storage/errors: Removes ErrNotImplemented
- lxd/storage/load: Return drivers.ErrNotSupported in GetPoolByInstance when storage pool doesn't support instance type
- lxd/storage/backend/lxd: drivers.ErrNotImplemented usage
- lxd/storage/backend/mock: drivers.ErrNotImplemented usage
- lxd/instance/drivers/driver/lxc: Check pool supports instance type in lxcCreate
- lxd/instance/drivers/driver/qemu: Check pool supports instance type in qemuCreate
- lxd/instance/drivers/driver/lxc: Use errors.Cause
- lxd/instance/drivers/driver/qemu: Use errors.Cause
- lxd/instance/drivers: Clearer pool load failure message
- lxd/backup: Clearer pool load failure message
- lxd/instance: Add revert package usage
- lxd/instance: Clearer error messages
- lxd/migrate/instance: storageDrivers.ErrNotImplemented usage
- test/suites/backup: Add tests for checking lxd import profile root disk support
- lxd/storage/backend/lxd: Check custom volume type is supported by storage pool
- cluster: Larger Timeout to find leader
- lxd/firewall/firewall/interface: Add NetworkSetup and remove feature specific network setup functions
- lxd/firewall/drivers/driver/consts: Add network firewall Opts
- lxd/firewall/drivers/drivers/nftables: Implement NetworkSetup and unexport per-feature setup functions
- lxd/firewall/drivers/drivers/xtables: Implement NetworkSetup and unexport per-feature setup functions
- lxd/network/driver/bridge: Switch to n.state.Firewall.NetworkSetup usage
- doc/instance: Fix escaping
- lxd/device/gpu: Add NVIDIA MIG support
- doc/instances: Add GPU MIG
- api: gpu_mig extension
- doc/projects: Sort config keys
- lxd/project: Add skipUnset
- lxd/project: Refactor instance counting
- api: project_usage
- shared/api: Add ProjectState
- lxd/project: Add getAggregateLimits
- lxd/project: Add GetCurrentAllocations
- lxd/projects: Add state endpoint
- client: Add GetProjectState
- lxc/project: Add info sub-command
- i18n: Update translation templates
- doc/rest-api: Add project state
- doc/rest-api: Refresh swagger YAML
- tests: Test for lxc project info
- client: Fixes GetContainerLogfiles and GetInstanceLogfiles
- doc/metadata: Adds remotes section
- lxd/firewall/drivers/drivers/xtables: errors.Wrapf usage
- lxd/firewall/drivers/drivers/xtables: Removes unused args from generateFilterIptablesRules
- lxd/firewall/drivers/drivers/xtables: Adds iptablesChainCreate and iptablesChainExists functions
- lxd/firewall/drivers/drivers/xtables: Moves NIC level security filtering rules into own chain
- shared/validate: Allow uppercase letters in PCI addresses
- shared/validate: Update unit tests for PCI addresses
- lxd/instance/drivers: Restrict virtiofs to Intel architectures
- lxd/device/disk: Restrict virtiofs to x86_64
- lxd/cluster: Don't copy all images on startup
- tests: Disable test_clustering_image_replication
- lxd/task: Add Hourly convenience function
- lxd/images: Use Hourly() in autoUpdateImagesTask
- lxd/firewall/firewall/interface: Adds delete and ipVersions slice args to NetworkClear
- lxd/network/driver/bridge: n.state.Firewall.NetworkClear usage in setup
- lxd/network/driver/bridge: firewall setup debug logging
- lxd/network/driver/bridge: n.state.Firewall.NetworkClear usage in Stop
- lxd/firewall/drivers/drivers/nftables: NetworkClear updated with new arguments
- lxd/firewall/drivers/drivers/xtables: Updates networkSetupNICFilteringChain to use network-specific chain
- lxd/firewall/drivers/drivers/xtables: Updates generateFilterIptablesRules to use network-specific chain
- lxd/firewall/drivers/drivers/xtables: No need to use LookPath in iptablesChainCreate
- lxd/firewall/drivers/drivers/xtables: Adds iptablesChainDelete function
- lxd/firewall/drivers/drivers/xtables: NetworkClear updated to add new arguments
- doc: Add aliases to snapshots.schedule
- api: snapshots_schedule_aliases
- lxd/util: Rework random functions
- lxd/instance: Move NextSnapshotName
- lxd/snapshot: Add snapshot aliases
- lxd: Use snapshot aliases
- lxd/operations: Fix possible NPE
- lxd/instance: Add startup snapshot
- shared/validate: Add IsCron validator
- tests: Add snapshot scheduling
- i18n: Update translations from weblate
- lxd/storage/drivers/driver/zfs/volumes: Only mount instance filesystem volumes in postHook for CreateVolumeFromBackup
- lxd/operations: Don't wait for tokens
- lxd/images: Run autoSyncImagesTask hourly
- lxd/db/images: Add GetImages
- lxd/images: Retrieve all images on sync
- lxd/images: Use CopyImage() in autoSyncImages
- lxd/daemon: Fix comment about autoSyncImages
- lxd: Sync images on cluster node removal
- lxd: Sync images when cluster.images_minimal_replica changes
- tests: Re-enable image replication tests
- lxd: Sync images on cluster node join
- lxd/images: Pick a random source node for replication
- lxd/operations: Export OperationClass type
- client: Fix copy of VM snapshots
試用環境 ¶
この新しい LXD リリースは私たちの デモサービス で利用できます。
ダウンロード ¶
このリリースの tarball は ダウンロードページ から取得できます。
ビルド済みバイナリーは次のように使えます:
- Linux: snap install lxd
- MacOS: brew install lxc
- Windows: choco install lxc
LXD 4.12 リリースのお知らせ¶
5th of March 2021
はじめに ¶
LXD チームは LXD 4.12 のリリースをお知らせできることにとてもワクワクしています!
このリリースの目玉機能は間違いなく、ネットワーク ACL を導入したことです。現時点では、この機能は OVN ネットワークでのみ使えますが、すぐに普通の LXD ブリッジでも使えるようになるでしょう。
さらに、このリリースでは仮想マシンのステートフルな停止とスナップショット、新しい Ceph の設定オプション、そしてプロジェクト向けのたくさんの新機能も追加されています。
最後に LXD チームは、このリリースでの多数の LXD の新機能に取り組んでくれた Piotr Resztak に感謝の意を表したいと思います。
Enjoy!
新機能とハイライト ¶
ネットワーク ACL の初期サポート(OVN のみ) ¶
LXD はネットワーク ACL (access control list) の仕組みを持つようになりました。これを使って、ACL をいくつでも作成でき、それをネットワーク全体や特定のインスタンス NIC に割り当てられるようになりました。
各 ACL は、入出力のルールの組や、いくつかの設定を含む場合があります。
ACL は、トラフィックのソースとディスティネーションとしてお互いを参照でき、アドレスですべてをトラッキングするのではなく、インスタンスをラベリングし、ルール内でそれらのラベルを使うことができます。
例えば、3 つの ACL を持つネットワークがあるとします:
- default(ネットワークに対して適用)、一般的な外部サービス向けの外向きの通信を許可します
- web(Web サーバーに対して適用)、TCP 80/443 番ポートに対する内向きの通信を許可します
- database(データベースサーバーに対して適用)、
web内のサーバーから TCP 5432 番ポートに対する内向きの通信を許可します
この機能はすべて lxc network acl コマンドで設定でき、設定すると security.acls を使ってネットワークやインスタンスに割り当てられます。
この機能は現時点では OVN ネットワークでのみ使えます。LXD 4.13 では、いくつかの制限はあるかもしれませんが、xtables と nft ファイアウォールドライバーを使った、マネージドな LXD ブリッジにも拡張する予定です。
仮想マシンでのステートフルな停止とスナップショット ¶
LXD が仮想マシンの実行中の状態をディスクにダンプできるようになりました。この機能は lxc stop --stateful と lxc snapshot --stateful コマンドで実行できます。
ステートフルな停止の場合、VM の状態はディスクに書き出され、その後エミュレーターは停止します。再度 VM を実行したい場合は、単に lxc start と実行すると、VM の状態がリストアされ、停止した時点から実行が再開されます。
同様に、ステートフルなスナップショットは、スナップショット時点の VM の実行状態を記録します。lxc restore --stateful コマンドを使って、VM 実行時の状態も含めて、その VM をその時間に戻すことができます。
この機能は、特にホストの再起動前に実行中の VM を限定的に中断できるので便利です。また、lxc move を使ってこのような VM を再配置し、他のシステム上で停止していた所から処理を再開することもできます(現時点では全く同じ CPU が必要です)。
これらと同じメカニズムは近い将来、VM のライブマイグレーション機能を実現するために拡張される予定です。そして、ダウンタイムをさらに短縮し、VM を少し違う CPU に移動できるようにいくつかの制限を追加する予定です。
これを可能にするために、VM では migration.stateful を true に設定し、size.state を root ディスクデバイスに設定し、実行状態を保存するための追加スペースを確保しなければなりません。このモードでは、PCI パススルーと virtiofs は無効化されます。
プロジェクト内に制限された証明書 ¶
LXD のトラストストア内の特定の証明書を、特定のプロジェクトでのみ有効にできるようになりました。このように設定すると、制限された証明書は制限されたロールとなり、グローバルな設定に影響を与えるのを防いだり、プロジェクトの再設定を防いだりできます。
これは LXD で Canonical の RBAC サービスを通して operator ロールを取得しているのとほぼ同等です。
このような管理を行うために、新しいコマンドである lxc config trust edit と lxc config trust show を追加しました。lxc config trust add は --restricted と --projects が使えるように拡張されました。
プロジェクトレベルのサーバーの設定オプションサポート ¶
多数のグローバルな設定オプションがプロジェクト特有の値を持てるようになりました:
- images.compression_algorithm
- backups.compression_algorithm
- images.remote_cache_expiry
- images.auto_update_cache
これらをプロジェクト内に設定すると、グローバル設定のそれぞれの値が上書きされます。
プロジェクトでクラスターのターゲット指定を制限可能 ¶
4.12 で追加されたもうひとつのプロジェクト設定キーは restricted.cluster.target です。
これを設定すると、制限のかかったプロジェクト内の管理者以外のユーザーは、クラスターメンバーのターゲット指定(--target)が使えなくなります。その際でも、管理者にはそれが許可されていますので、手動でのクラスターのリバランスやノードの退避操作を行えます。
Ceph 機能の設定オプション ¶
新たに Ceph ストレージプール用の設定オプションが追加されました。ceph.rbd.features は新たなボリュームで有効にする RBD 機能のカンマ区切りのリストです。これは、これまではハードコードされていたデフォルト値の layering を置き換えます。そして、すべてのシステムでサポートされている場合に、最新の Ceph の機能を有効にできます。
lxd init --dump と --preseed でのプロジェクトサポート ¶
lxd init --dump は YAML 出力の一部としてプロジェクトを含むようになりました:
projects:
- config:
features.images: "true"
features.networks: "true"
features.profiles: "true"
features.storage.volumes: "true"
description: Default LXD project
name: default
- config:
features.images: "true"
features.profiles: "true"
features.storage.volumes: "true"
description: ""
name: demo
そしてこれにより、当然 lxd init --preseed にフィードバックして新しいサーバーを設定できます。
Initial auto-generated REST-API documentation¶
LXD は手動で更新されている REST API documentation の代わりに、API ドキュメントをゆっくり Swagger に移行しています。
現在はいくつかのエンドポイントのみをサポートしており、LXD 4.13 でこの作業が終えるつもりです。プレビューは https://dl.stgraber.org/swag-lxd/ でご覧になれます。
すべての変更点(翻訳なし) ¶
このリリースでの完全な変更点のリストは次のとおりです:
- containers: simplify wstatus.Close() logic in Exec()
- containers: reap zombies on attach failure
- seccomp: block openat2()
- lxd/instance/qemu/qmp: Add SendFile, Migrate and MigrateIncoming
- lxd/instance/qemu/qmp: Add ping function
- lxd/instance/qemu/qmp: Re-shuffle functions
- lxd/instance/qemu/qmp: Rework run() function
- lxd/instance/qemu/qmp: Update commands to use run()
- lxd/network/network/utils: Fixes InterfaceExists to not return true if arg is empty string
- lxd/device/nic/routed: Dont give sysctl read error when invalid value
- lxd/device/nic/ipvlan: Dont give sysctl read error when invalid value
- lxd/device/nic/ipvlan: network.InterfaceExists usage
- lxd/device/nic/ipvlan: Detach ipvlan interface back to random host name on stop, then delete
- lxd/db/instances: Adds ErrInstanceListStop that can be returned from InstanceList to stop search
- shared/validate/validate: Adds IsNetworkRange and IsNetworkAddressCIDR functions
- shared/validate/validate: Adds IsNetworkPort and IsNetworkPortRange functions
- lxd/util/config: Adds SplitNTrimSpace function
- lxd/util/config: Avoid unnecessary allocations in CopyConfig
- api: Adds network_acl extension
- shared/api/network/acl: Adds shared struct types for Network ACLs
- shared/api/network/acl: Adds rule Normalise function
- lxd/db/cluster: Adds networks_acls and networks_acls_config tables
- lxd/db/network/acls: Adds GetNetworkACL function
- lxd/db/network/acls: Adds CreateNetworkACL function
- lxd/db/network/acls: Adds GetNetworkACLs function
- lxd/db/network/acls: Adds UpdateNetworkACL function
- lxd/db/network/acls: Adds RenameNetworkACL function
- lxd/db/network/acls: Adds DeleteNetworkACL function
- lxd/network/acl: Adds ACL package for managing Network ACLs
- lxd: Add network-acls API hooks
- lxd/network/acls: Implements networkACLGet function
- lxd/network/acls: Implements networkACLsPost function
- lxd/network/acls: Implements networkACLsGet function
- lxd/network/acls: Implements networkACLPut function
- lxd/network/acls: Adds PATCH support to networkACLPut
- lxd/network/acls: Implements networkACLPost function
- lxd/network/acls: Implements networkACLDelete function
- client/interfaces: Adds CreateNetworkACL
- client/interfaces: Adds GetNetworkACLs
- client/interfaces: Adds GetNetworkACL
- client/interfaces: Adds UpdateNetworkACL
- client/interfaces: Adds RenameNetworkACL
- client/interfaces: Adds DeleteNetworkACL
- client/interfaces: Adds GetNetworkACLNames
- client/lxd/network/acls: Implements CreateNetworkACL function
- client/lxd/network/acls: Implements GetNetworkACLs function
- client/lxd/network/acls: Implements GetNetworkACL function
- client/lxd/network/acls: Implements UpdateNetworkACL function
- client/lxc/network/acls: Implements RenameNetworkACL function
- client/lxd/network/acls: Implements DeleteNetworkACL function
- client/lxd/network/acls: Implements GetNetworkACLNames function
- lxc/network: Registers acl subcommand from network command
- lxc/network/acl: Add network acl command section
- lxc/network/acl: Adds cmdNetworkACLCreate command
- lxc/network/acl: Adds cmdNetworkACLList command
- lxc/network/acl: Adds cmdNetworkACLGet and cmdNetworkACLShow commands
- lxc/network/acl: Adds cmdNetworkACLSet command
- lxc/network/acl: Adds cmdNetworkACLUnset command
- lxc/network/acl: Adds cmdNetworkACLEdit command
- lxc/network/acl: Adds cmdNetworkACLRename command
- lxc/network/acl: Adds cmdNetworkACLDelete command
- lxc/network/acl: Adds cmdNetworkACLRule subcommand with add/remove rule commands
- doc/rest-api: Adds network ACL endpoint docs
- test: Adds network ACL tests
- doc/network-acls: Adds Network ACLs documentation
- i18n: Update translation templates
- lxd/network/driver/ovn: Uplink loading error improvements
- lxd/device/nic/sriov: network.InterfaceExists usage
- lxd/network/network/utils: InterfaceExists usage in InterfaceBindWait
- lxd/device/nic/sriov: Use random VF MAC if VF has no automatic MAC set
- lxd/instance/qemu: Rework lxd-agent startup
- lxd/device/disk: Validate that the pool is not pending
- api: migration_stateful
- shared: Add migration.stateful
- doc/instance: Add migration.stateful
- lxd/instance/qemu: Add migration.stateful support
- lxd/device: Add migration.stateful support
- lxd/instance/qemu: Add checks for migration.stateful
- api: disk_state_quota
- doc/instances: Add size.state
- lxd/storage: Add support for size.state
- lxd/api: Port to updated SetInstanceQuota
- lxd/device/disk: Add support for size.state
- lxd/instance: Prevent stateful snapshots of VMs
- lxd/instance/qemu: Add stateful stop/start
- doc: Drop API extension columns
- api: storage_ceph_features
- lxd/storage: Add ceph.rbd.features
- doc/storage: Add ceph.rbd.features
- scripts/bash: Add ceph.rbd.features
- doc: Fix bad Github action link
- lxd/instance/qemu/qmp: Switch back to upstream repo
- lxd/device/device/interface: Adds Type interface for accessing type specific functions of a device
- lxd/device/device/common: UpdatableFields signature change
- lxd/device/nic/bridged: UpdatableFields signature change
- lxd/device/nic/p2p: UpdatableFields signature change
- lxd/device/nic/routed: UpdatableFields signature change
- lxd/device/disk: UpdatableFields signature change
- lxd/device/device/load: Adds newByType and LoadByType functions
- lxd/instance/drivers: UpdatableFields usage
- lxd/device/device/utils/network: Changes veth route functions to not depend on device specific logic
- lxd/device/nic/bridged: Switches to use NIC type agnostic route helper functions
- lxd/device/nic/p2p: Switches to use NIC type agnostic route helper functions
- lxd/instance/drivers/driver/common: Update comment for deviceVolatileReset to match
- lxd/instance/drivers/driver/lxc: Removes deviceResetVolatile provided by common
- lxd/instance/drivers/driver/qemu: Removes deviceResetVolatile provided by common
- lxd/instance/drivers: d.deviceVolatileReset usage
- doc/preseed: LXD is pronounced lex-dee
- doc/api-extensions: LXD is pronounced lex-dee
- tests: Typo fix
- lxd/storage: LXD is pronounced lex-dee
- lxd/firewall: LXD is pronounced lex-dee
- lxd/network: LXD is pronounced lex-dee
- lxd/api: LXD is pronounced lex-dee
- lxd/device: LXD is pronounced lex-dee
- lxd/storage/utils: Updates VolumeUsedByExclusiveRemoteInstancesWithProfiles to use db.ErrInstanceListStop
- lxd/network/network/utils: Adds optimisation to UsedBy when firstOnly is true
- lxd/network/network/utils: Removes whitespace trimming from SubnetParseAppend
- lxd/api/project: Updates projectValidateRestrictedSubnets to use util.SplitNTrimSpace
- lxd/network/driver/ovn: Switch to util.SplitNTrimSpace
- lxd/device/nic/ovn: Updates usage of network.SubnetParseAppend to use util.SplitNTrimSpace
- lxd/network/acl/acl/load: Adds Exists function
- lxd/network/acl/acl/load: Adds UsedBy function
- lxd/network/acl/driver/common: Updates usedBy to use UsedBy
- lxd/network/driver/ovn: Adds OVNInstanceNICSetupOpts and OVNInstanceNICOpts types
- lxd/network/driver/ovn: InstanceDevicePortAdd updated arguments
- lxd/network/driver/ovn: InstanceDevicePortDelete updated arguments
- lxd/network/driver/ovn: n.InstanceDevicePortAdd usage
- lxd/device/nic/ovn: ovnNet update of arguments
- lxd/device/nic/ovn: d.network.InstanceDevicePortAdd and d.network.InstanceDevicePortDelete usage
- lxd/network/openvswitch/ovn: Converts LogicalSwitchPortExists to LogicalSwitchPortUUID
- lxd/network/openvswitch/ovn: Converts string UUID variables to their own dedicated types
- lxd/network/driver/ovn: Updates usage of OVN UUID types
- lxd/network/driver/ovn: client.LogicalSwitchPortUUID usage
- lxd/network/driver/ovn: Adds DNSName to OVNInstanceNICStartOpts
- lxd/network/driver/ovn: Updates InstanceDevicePortAdd with opts.DNSName field name change
- lxd/network/driver/ovn: Updates InstanceDevicePortAdd with opts.DNSName field name change in handleDependencyChange
- lxd/device/nic/ovn: Updates use of d.network.InstanceDevicePortAdd with DNSName
- utils: trim whitespace from block device UUID
- lxd/storage/drivers/btrfs: Add up fs and block quota for VMs
- lxd/storage/drivers/dir: Pass int64 size to setQuota
- lxd/storage/drivers/dir: Add up fs and block quota for VMs
- shared/validate/validate: Add IsCompressionAlgorithm
- lxd/projects: Add backups.compression_algorithm and images.compression_algorithm
- lxd/cluster: Update compression validation
- lxd/images: Add checks for images.compression_algorithm
- lxd/backup: Add checks for backups.compression_algorithm
- doc/projects: Add backups.compression_algorithm and images.compression_algorithm
- api: projects_compression
- lxd/instance: Move CreateInternal
- lxd/instance/drivers: Rename restart to restartCommon
- lxd/instance/drivers: Move snapshot creation to the driver
- lxd/network/network/utils: Converts UsedBy to use InstanceList function
- lxd/network/network/utils: Changes isInUseByDevices to isInUseByDevice
- lxd/network/network/utils: Adds usedByInstanceDevices function
- lxd/device/nic/ovn: Removes non-ovn related limit code, use network.InterfaceExist
- lxd/network/driver/ovn: Removes unnecessary calls to CloneNative in ovnNICExternalRoutes
- lxd/instance/qemu: Add restoreState
- lxd/instance/qemu: Add saveState
- lxd/instance/qemu: Add stateful snapshot
- lxd/db: Fix bad indent
- lxd/db: Fix projects_used_by_ref for remote storage
- lxd/cluster: Guarantee single hearbeat loop
- doc/rest-api: Fix and clarify backup API
- lxd/cluster: Improve heartbeat logging
- lxd/api: Don't use potentially nil struct
- lxd/init: Better error on invalid auto-detect fan underlays
- doc/rest-api: More fixes for backups
- lxd: Remove ReadToJSON
- lxd/db: Fix RenameCertificate
- lxd/certificate: Modernize DB handling
- lxd/certificate: Rework cache
- lxd/projects: Add images.remote_cache_expiry
- lxd/db/images: Changes GetExpiredImages to GetExpiredImagesInProject
- lxd/images: Support images.remote_cache_expiry per-project
- doc/projects: Add images.remote_cache_expiry
- api: projects_images_remote_cache_expiry
- doc/backup: Mention subuid/subgid
- lxd/db/certificates: Fix bad error handling
- api: certificate_project
- shared/api: Add restricted and projects to certificate
- lxd/db: Add support for restricted certificates
- lxd/certificates: Add support for restricted and projects
- lxd/daemon: Add TLS permission checks
- doc/security: Cover TLS restrictions
- lxc/config/trust: Add Edit
- lxc/config/trust: Add Show
- i18n: Update translation templates
- tests: Validate TLS restrictions
- lxd/instance/drivers/driver/lxc: Log when skipping volume delete in a recovery import scenario
- lxd/api/internal: Don't create .importing file when performing a backup import in internalImport
- lxd/api/internal: internalImport usage
- lxd/instance/instance/utils: CreateInternal usage of revert package
- lxd/instances/post: internalImport usage
- lxd/network/network/utils: Reorder UsedBy logic to do cheapest searches first
- lxd/db/network/acls: Makes slice allocation more efficient in GetNetworkACLs
- lxd/db/network/acls: Adds GetNetworkACLIDsByNames function
- lxd/network/openvswitch/ovn: Adds PortGroupUUID function
- lxd/network/openvswitch/ovn: Adds PortGroupAdd function
- lxd/network/openvswitch/ovn: Adds PortGroupMemberAdd function
- lxd/network/openvswitch/ovn: Adds OVNACLRule struct type
- lxd/network/openvswitch/ovn: Adds PortGroupSetACLRules function
- lxd/network/openvswitch/ovn: Adds PortGroupDelete function
- lxd/network/openvswitch/ovn: Adds LogicalSwitchSetACLRules function
- lxd/network/openvswitch/ovn: Adds PortGroupMemberDelete function
- lxd/network/acl/acl/ovn: Adds OVN ACL helper functions
- lxd/network/acl: Adds support for using state when creating ACL record
- lxd/network/acl/acl/load: Updates UsedBy to allow searching for multiple ACLs in one pass
- lxd/network/acl/driver/common: Updates usedBy to use updated UsedBy helper function
- lxd/network/acl/driver/common: Makes Update apply new ACL rules to OVN port groups and instance ports
- lxd/network/driver/ovn: Applies baseline network ACL rules in setup via acl.OVNApplyNetworkBaselineRules
- lxd/network/driver/ovn: Adds SecurityACLs and SecurityACLsRemove to OVNInstanceNICStartOpts
- lxd/network/driver/ovn: Adds Security ACL support to InstanceDevicePortAdd
- lxd/network/driver/ovn: Adds PortGroupDeleteIfUnused to remove unused ACL port groups
- lxc/network/driver/ovn: Adds support for security.acls assigned to OVN networks
- lxd/device/nic: Adds security.acls optional field
- lxd/device/nic/ovn: Adds security.acls support for OVN NICs
- doc/metadata: Adds Network ACL left menu item section
- api: Adds network_ovn_acl extension
- doc: Adds security.acls property to OVN networks and NICs
- tests: Reword deadcode
- lxd/db: Remove unused code
- shared/log15: Remove dead code
- lxd/network/acl: Remove unused code
- lxd/storage/drivers/driver/btrfs: Unset pool size setting during creation if not relevant
- lxd/storage/drivers/driver/btrfs: Consistent error quoting in Create
- lxd/storage/pools/config: Consistent error quoting in storagePoolValidateConfig
- driver_lxc: pass flags to shiftfs mount
- lxd/network/driver/bridge: Ensure that DHCP firewall rules are added in fan mode
- lxd/network/driver/ovn: Don't delete port groups if their associated ACLs are referenced by rules in other ACLs
- lxd/network/acl/acl/ovn: Adds OVNEnsureACLs function and unexports ovnApplyToPortGroup
- lxd/network/acl/driver/common: Switch Update to use OVNEnsureACLs
- lxd/network/driver/ovn: Switch setup to use OVNEnsureACLs
- lxd/network/driver/ovn: Switch InstanceDevicePortAdd to use OVNEnsureACLs
- Makefile: Add update-api
- shared/api: Label Server structs
- lxd: Setup API metadata
- lxd: Add / and /1.0 to swagger
- tests: Update deadcode for swagger
- doc: Include initial YAML version of rest-api
- lxd/certificates: Add to swagger
- shared/api: Label Certificate structs
- doc/rest-api/swagger: Update for certificates
- lxd/storage/drivers/utils: Comment clarify in BlockDiskSizeBytes
- lxd/network/openvswitch/ovn: Renames PortGroupUUID to PortGroupInfo
- lxd/network/acl/acl/ovn: client.PortGroupInfo usage
- lxd/network/driver/ovn: client.PortGroupInfo usage
- lxd/network/acl/acl/ovn: Refactors OVNEnsureACLs to be smarter in how it sets up referenced ACLs
- lxd/network/driver/ovn: Don't check if port group exists when removing port member in InstanceDevicePortAdd
- lxd/resources/storage: Rework block size handling
- Updated instanceLogDelete function
- lxd/device/disk: Tweak mkisofs flags
- lxd/init: Add projects to dump/init preseed
- lxd/network/driver/ovn: Consistently use aclNameIDs var name
- lxd/instance/post: Update instancePostClusteringMigrate to respect instance's project
- lxd/instance/backup: Makes returned containers resource conditional on instance type
- lxd/instance/console: Conditional containers resources
- lxd/instance/delete: Updates instanceDelete to use inst var and makes returned containers resources conditional on instance type
- lxd/instance/exec: Makes containers resources conditional on instance type
- lxd/instance/post: Renames c to inst and makes containers resources conditional on instance type
- lxd/instance/put: Renames c to inst and makes containers resources conditional on instance type
- lxd/instance/snapshot: Renames sc to snapInst and makes containers resources conditional on instance type
- lxd/instances/post: Makes containers resources conditional on instance type
- lxd/device/nic/ovn: Clearer error message in validateConfig
- lxd/network/openvswitch: Centralises DB OVN connection string retrieval in NewOVN
- lxd/network/driver/ovn: openvswitch.NewOVN usage
- lxd/network/acl/driver/common: openvswitch.NewOVN usage
- lxd/network/acl/acl/ovn: Adds OVNPortGroupDeleteIfUnused
- lxd/network/driver/ovn: Removes PortGroupDeleteIfUnused and acl.OVNPortGroupDeleteIfUnused usage
- lxd/device/nic/ovn: acl.OVNPortGroupDeleteIfUnused usage
- lxd/network/acl/driver/common: Calls OVNPortGroupDeleteIfUnused during Update
- lxd/network/acl/acl/load: Only return unique list of ACLs when matching on ACL rulesets in UsedBy
- lxd/network/acl/acl/ovn: Create referenced ACL port groups when reapplying rules from an existing ACL
- doc/rest-api: Updates backup endpoint docs
- lxd/cluster: Don't warn about pending nodes
- lxd/instances: Fix instance copy within project
- netutils: improve file descriptor retrieval and increase robustness
- lxd/cluster: Remove AutoUpdateInterval and RemoteCacheExpiry
- lxd/daemon: Add daemon startTime variable, remove taskAutoUpdate
- lxd/instances/post: Support images.auto_update_cached per-project
- lxd/api: Remove taskAutoUpdate reset
- lxd/projects: Add images.auto_update_cached and images.auto_update_interval
- lxd/images: Support images.auto_update_interval per-project
- api: projects_images_auto_update
- doc/projects: Add images.auto_update_cached and images.auto_update_interval
- Update for Go 1.17 go:build tags
- lxd/api: Add project and target arguments to doc
- shared/api: Add comments to certificate fields
- shared/api: Add comments to server fields
- lxd/resources: Add swagger documentation
- shared/api: Label Resources structs
- doc/rest-api: Refresh swagger YAML
- doc/projects: Projects aren't restricted by default
- lxc/config/trust: Allow restricting on add
- i18n: Update translation templates
- lxd/storage/drivers/util: Updates ensureVolumeBlockFile to add unsupportedResizeTypes argument
- lxd/storage/drivers/driver/btrfs/volumes: Updates CreateVolume with ensureVolumeBlockFile comments
- lxd/storage/drivers/driver/btrfs/volumes: Updates SetVolumeQuota to pass VolumeTypeImage to ensureVolumeBlockFile
- lxd/storage/drivers/driver/dir/volumes: Comment improvement in CreateVolume
- lxd: improve unix fd retrieval infrastructure
- lxd/db: Don't fail preparing statements for activateifneeded
- unixfd: vet all parameters
- lxd/internal: Don't access undefined fields
- tests: Fix project limits on arm64
- doc/README: Drop readthedocs
- lxd/network/acl/acl/load: Adds NetworkUsage function
- lxd/network/acl/driver/common: Adds ruleSubjectInternal and ruleSubjectExternal constants
- lxd/network/acl/driver/common: Updates validateRule to allow ruleSubjectInternal and ruleSubjectExternal values
- lxd/network/openvswitch/ovn: Updates LogicalSwitchDelete to delete associated port groups
- lxd/network/openvswitch/ovn: Adds setACLRules to more efficiently set multiple rules in one command
- lxd/network/openvswitch/ovn: Updates LogicalSwitchSetACLRules to use o.setACLRules
- lxd/network/openvswitch/ovn: Updates PortGroupAdd to support associating to a project and optionally another port group and/or logical switch
- lxd/network/openvswitch/ovn: Updates PortGroupDelete to support multiple specified port groups
- lxd/network/openvswitch/ovn: Updates PortGroupSetACLRules to use o.setACLRules
- lxd/network/openvswitch/ovn: Replaces PortGroupMemberAdd and PortGroupMemberDelete with PortGroupMemberChange
- lxd/network/openvswitch/ovn: Adds PortGroupListByProject function
- lxd/network/openvswitch/ovn: Use constants for OVN external IDs
- lxd/network/acl/acl/ovn: Adds ovnACLPortGroupPrefix constant
- lxd/network/acl/acl/ovn: Adds helper functions for entity name generation
- lxd/network/acl/acl/ovn: Updates ovnAddReferencedACLs to ignore ruleSubjectInternal and ruleSubjectExternal values
- lxd/network/acl/acl/ovn: Updates ovnApplyToPortGroup and associated functions to support network specific port group ACL rules
- lxd/network/acl/acl/ovn: Removes trailing space in generated rule in OVNApplyNetworkBaselineRules
- lxd/network/acl/acl/ovn: Comment improvements
- lxd/network/acl/acl/ovn: Updates OVNEnsureACLs to support applying network specific port group rules
- lxd/network/acl/acl/ovn: Adds OVNPortGroupInstanceNICSchedule helper function
- lxd/network/acl/acl/ovn: Updates OVNPortGroupDeleteIfUnused to delete unused per-ACL-per-network port groups
- lxd/network/acl/driver/common: Updates to use NetworkUsage and pass list of networks using ACL to OVNEnsureACLs
- lxd/network/driver/ovn: Updates OVN driver to use helper functions from ACL package rather than duplicate logic
- lxd/network/driver/ovn: Create internal port group for instance NICs on setup
- lxd/network/driver/ovn: acl.OVNEnsureACLs and client.PortGroupMemberChange usage
- lxd/network/driver/ovn: client.PortGroupAdd usage in setup
- lxd/network/acl/driver/common: Adds support for default.logged and default.action ACL config properties
- doc/network/acls: Documents default.logged and default.action ACL config properties
- lxd/network/acl/acl/ovn: Adds support for default.logged and default.action
- lxd/network/acl/driver/common: Adds reject support
- lxd/network/acl/acl/ovn: Allow IPv4 IGMP and IPv6 MLD reports in network baseline rules
- lxd/network/acl/acl/ovn: Add network baseline rules to allow reject packets from ACL reject rules
- lxc/remote: Update working to line up with project
- i18n: Update translation template
- lxd/profiles: Add to swagger
- shared/api: Label Profiles structs
- lxd/projects: Add to swagger
- shared/api: Label Projects structs
- lxd/events: Add to swagger
- shared/api: Label Events structs
- lxd/networks: Add to swagger
- shared/api: Label Networks structs
- shared/api: Hide API extensions from swagger
- doc/rest-api: Refresh swagger YAML
- lxd/device/gpu: Optimize setupSriovParent
- lxd/device: Save parent PCI address for GPU SR-IOV
- lxd/network/network/utils/sriov: Refactors SRIOVFindFreeVirtualFunction and sriovGetFreeVFInterface
- lxd/network/network/utils/sriov: Modifies sriovGetFreeVFInterface to check a VF is down and has no IPs before considering it available
- shared/validate/validate: Adds IsInterfaceName function
- lxd/network/network/utils: Removes validInterfaceName function
- lxd/network/driver: validate.IsInterfaceName usage
- lxd/device/nic: Validate that NIC name property is valid interface name
- lxd/device/nic: Adds nicCheckNamesUnique function
- lxd/device/nic: Updates nicValidationRules to accept a instance.ConfigReader argument and use nicCheckNamesUnique
- lxd/device: nicValidationRules usage
- lxd/device: Return -1 if all VFs are in use
- lxd/device: Support multiple GPUs for SR-IOV
- shared/api/cluster: Architecture is a read-only field
- lxd/network_acls: Add to swagger
- shared/api: Label Network ACLs structs
- lxd/cluster: Add to swagger
- shared/api: Label Cluster structs
- doc/rest-api: Refresh swagger YAML
- lxd/network/network/utils/sriov: Don't fail when missing vfListPath in sriovGetFreeVFInterface
- shared/util: Add GetStableRandomInt64FromList
- lxd/db/images: Add AutoUpdate filter
- lxd/vsock: Better handle errors
- lxd/db/images: Add helper functions
- docs: typo on JSON schema
- lxd/vsock: Retry timeouts once
- lxd/db: Set nodes.id to auto-increment
- lxd/images: Fix auto image updates
- lxd: Add internal endpoints for updates
- test/suites: Test image refresh in cluster
- i18n: Update translations from weblate
- lxd/images: Properly spread replicated images
- lxd/project: Add CheckClusterTargetRestriocion
- lxd/projects: Add restricted.cluster.target
- lxd: Support for restricted.cluster.target
- api: projects_restricted_cluster_target
- doc/projects: Add restricted.cluster.target
試用環境 ¶
この新しい LXD リリースは私たちの デモサービス で利用できます。
ダウンロード ¶
このリリースの tarball は ダウンロードページ から取得できます。
ビルド済みバイナリーは次のように使えます:
- Linux: snap install lxd
- MacOS: brew install lxc
- Windows: choco install lxc
LXD 4.11 リリースのお知らせ¶
5th of February 2021
はじめに ¶
LXD チームは LXD 4.11 のリリースをお知らせできることにとてもワクワクしています!
このリリースはかなり機能的なリリースで、たくさんの新しい API 機能や、ネットワーク設定、仮想マシンで使用するための新しいデバイスが追加されました。
Enjoy!
新機能とハイライト ¶
インスタンスの状態を一括で変更する API ¶
新しい API が PUT /1.0/instances として追加されました。これによりターゲットのプロジェクト内のすべてのインスタンスの状態を更新できます。
簡単に、次のように行うと:
{"state": {
{"action": "restart"}
}
LXD は並列でプロジェクト内のすべてのインスタンスを再起動します。
これは、--all フラグを指定すると、コマンドラインユーティリティ自身に一括操作を行わせるのではなく、lxc start/stop/restart/pause コマンドで自動的に使われるようになりました。
ダイナミックな vlan 設定のための GVRP サポート ¶
physical、macvlan、ipvlan、routed ネットワークに、新たに gvrp プロパティを追加しました。有効にすると、親ポートの VLAN 設定を広報するように Linux に指示し、適切に設定されたスイッチがそれに応じて VLAN テーブルとポートのメンバーシップを更新できるようにします。
サーバーサイドのインスタンスストレージプールマイグレーション ¶
新たに pool フィールドを POST /1.0/instances/NAME のマイグレーション API に追加しました。
これでストレージプール間で完全にサーバーサイドでインスタンスの移行を行うことができます。
これまでは同じことを行うには、クライアントから一時的なコピー+削除操作が必要でした。
これは、最新の LXD サーバーで新しい API を自動的に使う lxc move NAME --storage TARGET とも統合されました。
ボリューム利用 API ¶
新たな API として GET /1.0/storage-pools/POOL/volumes/TYPE/VOLUME/state を追加しました。これはボリュームのディスク使用状況を取得します。
LXD はこれまでもずっとこの情報を持っていました。しかし、これまではインスタンスにボリュームがアタッチされているときのみ、インスタンスの状態を取得することで、この情報にアクセスできました。
新たな lxc storage volume info コマンドを、この API に問い合わせを行うために追加しました。
さらに、lxc storage volume list が拡張されました。カスタマイズできるカラムがサポートされ、ボリュームサイズを表示するための新たなオプションカラムが追加されました(一部のストレージドライバーでは、API 呼び出しのコストが高くなる可能性があるためです)。
この結果、このような表示になります:
stgraber@castiana:~$ lxc storage volume list default -ctncuU +-----------------+------------------------------------------------------------------+--------------+---------+----------+ | TYPE | NAME | CONTENT-TYPE | USED BY | USAGE | +-----------------+------------------------------------------------------------------+--------------+---------+----------+ | container | lxd-build | filesystem | 1 | 2.67GB | +-----------------+------------------------------------------------------------------+--------------+---------+----------+ | container | lxd-build-focal | filesystem | 1 | 1.32GB | +-----------------+------------------------------------------------------------------+--------------+---------+----------+ | container | metrics | filesystem | 1 | 709.67MB | +-----------------+------------------------------------------------------------------+--------------+---------+----------+ | container | snapcraft-lxd | filesystem | 1 | 6.61GB | +-----------------+------------------------------------------------------------------+--------------+---------+----------+ | container | snapcraft-lxd-bgp | filesystem | 1 | 1.49GB | +-----------------+------------------------------------------------------------------+--------------+---------+----------+ | container | steam | filesystem | 1 | 11.13GB | +-----------------+------------------------------------------------------------------+--------------+---------+----------+ | custom | backups | filesystem | 1 | 98.30kB | +-----------------+------------------------------------------------------------------+--------------+---------+----------+ | custom | images | filesystem | 1 | 5.83GB | +-----------------+------------------------------------------------------------------+--------------+---------+----------+ | image | b31b2d483586fd143e4081b292179330235d081e923db39f7f864db2e1f4045d | block | 1 | | +-----------------+------------------------------------------------------------------+--------------+---------+----------+ | image | bb0c2a5d24b424943154f0a16d909a84a394378c567f950159b2d58f06960cbe | block | 1 | | +-----------------+------------------------------------------------------------------+--------------+---------+----------+ | virtual-machine | cgroup2 | block | 1 | 2.96GB | +-----------------+------------------------------------------------------------------+--------------+---------+----------+ | virtual-machine | ubuntu-desktop | block | 1 | 2.40GB | +-----------------+------------------------------------------------------------------+--------------+---------+----------+ | virtual-machine | win10 | block | 1 | 9.14GB | +-----------------+------------------------------------------------------------------+--------------+---------+----------+
SR-IOV GPU のサポート(VM のみ) ¶
新たに sriov の gputype がサポートされました。
これは SR-IOV をサポートするいくつかのレアな GPU でのみ動きます。しかし、幸運にも適切なホストドライバーを持つ GPU を持っている場合は、次のように実行できます:
lxc config device add NAME my-gpu gpu gputype=sriov pci=ADDR
親 GPU のアドレスを使うと、LXD は自動的に未使用な VF を見つけ、GPU としてそれを VM に与えます。
PCI デバイスタイプ(VM のみ)¶
LXD に新しい pci デバイスタイプが追加されました。仮想マシンに任意の PCI デバイスを渡すことができるようになりました。
このようなデバイスを扱う場合は nic または gpu の SR-IOV を使う方が望ましいです。しかし、この機能により使いたい PCI ストレージデバイス、FPGA、その他の任意の PCI デバイスを渡すことができるようになりました。
ISO イメージを CD-ROM として公開(VM のみ) ¶
LXD の仮想マシン内に Windows をインストールする際の問題をいくつか回避するため、ISO イメージを検出し、自動的に仮想マシンに CD-ROM としてアタッチするロジックを追加しました。
これはインストールソースとターゲットが何であるのかという混乱を回避します。そして、最近 distrobuilder で Windows ISO イメージの再パッキングがサポートされましたので、それと組み合わせたときに LXD 仮想マシン内に Windows をインストールすることを格段に簡単にします。
lxc manpage コマンドの拡張 ¶
lxc manpage コマンドが --format オプションをサポートしました。これによりヘルプページを次のフォーマットでエクスポートできるようになりました:
- man(デフォルト、これまでの動き)
- md (markdown)
- rest (REStructured Text)
- yaml
私たちは、ヘルプページをウェブサイトで利用できるようにするために Markdown 出力を使う予定です。
すべての変更点(翻訳なし) ¶
このリリースでの完全な変更点のリストは次のとおりです:
- client: Fix output of GetClusterMemberNames
- openvswitch/ovs.go: Simplify return in Installed method
- rbac/server.go: Sleep for seconds instead of nanoseconds
- lxd/instance/drivers/driver/qemu: Updates SaveConfigFile to return nil
- lxd/api/internal: Updates internalImportFromRecovery to call inst.SaveConfigFile
- test/suites/backup: Adds test to check exec works after recovery of running container
- cluster/raft/file_snapshot.go: defer after checking error
- lxd/storage/drivers/driver/cephfs/volumes: Updates RenameVolume newName arg to newVolName to bring inline with other drivers
- lxd/storage/drivers/driver/ceph/volumes: Fix UnmountVolume to actually deactivate VM block volumes
- lxd/storage/drivers/driver/ceph/volumes: Fix RenameVolume to also rename FS volume for VM volumes
- test/suites/container/devices/nic/bridged: Adds port isolation feature test
- lxc/network: Adds support for attaching instance to a managed network using
networkproperty - test/suites/container/devices/proxy: Ensure ipv6 nat tests use a network with stateful DHCPv6 enabled
- test/suites/network: Updates static IPv6 allocation test to actually test stateful DHCPv6
- test/suites/container/devices/nic/bridged: Improve validation of DHCPv6 allocation
- lxc/query: Prevent using --project
- i18n: Update translation templates
- lxd/utils: Compare all addresses from lookup in IsAddressCovered, lxc#8340
- lxd/resources: Support DMI for CPU information
- lxd/device/nic/routed: Ensure IP neighbour proxy entries are removed on stop
- lxd/device/nic/routed: Adds duplicate address detection
- lxd/device/disk: Validate size field properly
- lxd/device/nic/bridged: Only attempt to release DHCP leases if bridge interface exists
- lxd/device/nic/bridged: Improve error context prefix in networkClearLease
- lxd/device/nic/bridged: Use %q for error quoting in networkClearLease
- lxd/device/nic/bridged: Improve error context prefix in State
- lxd/instance: Fix progress on ceph instance move
- lxd/storage/backend/lxd: Use volume config in UpdateInstanceBackupFile so that volume.block.filesystem setting is used
- lxd/storage/drivers/utils: Adds filesystem being used to TryMount error
- lxd: Smarter handling of volatile keys in projects
- lxd/project: Strip volatile on copy/migrate
- tests: Update project restrictions test
- lxd/instance/drivers/driver/lxc: Copy parent volume config to snapshot volume config in lxcCreate
- lxd/instance/drivers/driver/qemu: Copy parent volume config to snapshot volume config in qemuCreate
- lxd/instance/drivers/driver/lxc: Umount instance after CRIU state path check in Restore
- lxd/instance/drivers/driver/lxc: Avoid duplicated call to UpdateBackupFile in Restore
- lxd/instance/drivers/driver/lxc: Log instance restarting after snapshot restore
- lxd/instance/drivers/driver/lxc: Always run UpdateBackupFile in Update
- lxd/instance/drivers/driver/qemu: Removes unnecessary call to UnmountInstance in Restore
- lxd/instance/drivers/driver/qemu: Remove unnecessary call to UpdateBackupFile
- lxd/instance/drivers/driver/qemu: Log instance restarting after snapshot restore
- doc/rest-api: Fix typo
- doc/rest-api: Fix missing escaping
- lxd/instance: Tweak error and resource links
- api: Adds support for bulk instance state change.
- shared/api: Adds support for bulk instance state change.
- doc: Adds doc for bulk instance state change endpoint.
- lxd: Adds support for bulk instance state change.
- client: Adds support for bulk instance state change.
- lxc: Adds support for bulk instance state change.
- lxd: Process bulk action in parallel
- test/suites/snapshots: Adds snapshot block.filesystem config check for LVM & Ceph
- lxd/instances: Reduce code duplication
- shared/api: Change mass update API
- lxc/action: Update to new InstancesPut
- lxd/instances: Update to new bulk API
- doc/rest-api: Update for new bulk API
- client: Re-order functions
- lxd: Rename container functions
- lxd/instance_state: Simplify
- lxd/instance: Refactor state handling
- lxd/instances_state: Simplify logic
- lxd/instance/drivers: Move ephemeral restart logic
- lxd/vm: Expose ISO images as SCSI cdroms
- lxd/storage: Cleanup CreateInstanceFromCopy
- lxd/storage/utils: Updates VolumeDBCreate to accept volume and content type typed arguments
- lxd/storage/backend/lxd: Error quoting and wrapping
- lxd/storage/backend/lxd: Expand argument type in updateVolumeDescriptionOnly
- lxd/storage/backend/lxd: VolumeDBCreate updated usage
- api: Adds network_gvrp extension
- doc: Adds gvrp option for selected networks and instance NICs
- lxd/network/network/utils: Adds GVRP support to VLANInterfaceCreate
- lxd/network: Adds GVRP support to macvlan and physical networks
- lxd/device/device/utils/network: Adds GVRP support to networkCreateVlanDeviceIfNeeded
- lxd/device/nic: Adds GVRP support to ipvlan, macvlan, physical and routed NICs
- lxd/network: Add check for overlapping ovn.ranges and dhcp.ranges
- lxd/db/instances: Improve error message from CreateInstanceConfig
- lxd/instance/drivers/driver/common: Adds insertConfigkey function
- lxd/instance/drivers/driver/lxc: Updates FillNetworkDevice to use d.insertConfigkey
- lxd/instance/drivers/driver/qemu: Updates FillNetworkDevice to use d.insertConfigkey
- lxc/instance/drivers/driver/common: Removes empty value check from insertConfigkey
- lxd/instance/drivers: Detect failed volatile key generation
- lxd/instance/drivers/driver/lxc: Fix volatile config key scoping issue in FillNetworkDevice
- lxd/network/driver/bridge: Only validate non-overlapping DHCPv6 ranges with OVN ranges when stateful DHPCv6 being used
- lxd/instance/drivers/driver/common: Prevent existing row check from wiping out desired key value in insertConfigkey
- lxd/instance/drivers: More checks and error contexts in FillNetworkDevice
- lxd/instance/drivers/driver/qemu: Error alignment with container driver in Rename
- lxd/storage/utils: Improves error in VolumeDBCreate
- lxd/db/storage/volumes: Populates ProjectName field in GetLocalStoragePoolVolumeSnapshotsWithType
- lxd/instance/drivers/driver/lxc: Error context in Rename
- lxd/instances/post: Unwraps long error and using double quotes placeholder
- lxd/instance/instance/interface: Adds TemplateTrigger type and constants for template trigger types
- lxd/instance: Adds instanceCreateAsCopyOpts argument for instanceCreateAsCopy options
- lxd/instances/post: instanceCreateAsCopy updated usage
- lxd/instance/instance/interface: Updates DeferTemplateApply to accept TemplateTrigger type argument
- lxd/instance/drivers/driver/common: Updates DeferTemplateApply to accept a TemplateTrigger type argument
- lxd/storage/backend: inst.DeferTemplateApply usage
- lxd/instances/post: inst.DeferTemplateApply usage
- lxd/instance/drivers/driver/lxc: Updates templateApplyNow to accept a TemplateTrigger argument
- lxd/instance/drivers/driver/lxc: d.templateApplyNow usage
- lxd/instance/drivers/driver/qemu: Updates templateApplyNow to accept a TriggerTemplate type argument
- lxd/instance/drivers/driver/qemu: d.templateApplyNow usage
- lxd/instance/instance/interface: Adds applyTemplateTrigger argument to Rename
- lxd/instance/drivers/driver/lxc: Adds applyTemplateTrigger argument to Rename
- lxd/instance/drivers/driver/qemu: Adds applyTemplateTrigger argument to Rename
- lxd/instance/post: inst.Rename usage
- lxd/instance/snapshot: sc.Rename usage
- lxd/storage/backend/lxd: Removes call to deferred template apply in RenameInstance
- lxd/instance/test: c.Rename usage
- shared/api: Add Pool field to InstancePost
- api: instance_pool_move extension
- lxc/move: Support server-side pool migration
- client: Add extension check for pool migration
- lxd/instance: Implement pool migration API with instancePostPoolMigration
- test: Add tests for volatile.apply_template config during create, copy and move
- test: Adds check for volatile.apply_template state after rename
- i18n: Update translation templates
- test: Add test for moving instance between pools without renaming
- lxd/images: Skip keys with empty values
- lxd/instances_put: Limit to local server
- lxd/device: Fix instance type validations
- shared/instance: Adds ErrNoRootDisk error var and returns it from GetRootDiskDevice
- lxd/instance: Enforces that target instance should have valid root disk config after DB create in instanceCreateAsCopy
- lxd/instance: Don't assume root disk is called "root" when copying snapshots from a source instance
- lxd/db/query/retry: Adds detection of checkpoint in progress to IsRetriableError
- lxd/instances_put: Properly handle clusters
- lxd/instance/drivers/driver_qemu: attempt to kill qemu proc on stop
- lxd/instance/driver_qemu: Add check for qemu cmdline args to pid()
- forkproxy: prevent zombies
- lxd: Change some references of container to instance in comments
- lxd/instance/post: Change error message to instance from container in instancePost
- lxd/main/forkdns: Returns empty AAAA record response when equivalent A record exists
- lxd/main/forkdns: Fixes typo in comment
- test: Adds test for empty AAAA response when equivalent A record exist in clustering forkdns
- lxd/device/pci: Consider DeviceUnbind successful on missing driver
- shared/validate: Validate PCI addresses
- lxd/device/gpu: Validate PCI addresses
- lxd/device: Add function to validate PCI path
- lxd/device: Add support for GPU SR-IOV
- api: gpu_sriov extension
- doc: Add SR-IOV GPU
- lxd/device/gpu_mdev: Valdiate PCI address and path
- lxd/device/gpu_physical: Validate PCI address and path
- lxd/instance/qemu: Cleanup VGA ROM check
- lxd/network/driver/bridge: Update DHCPv4Subnet to return fan bridge address subnet when in fan mode
- lxd/device/nic/bridge: Updates validateConfig to use parent networks DHCP subnet functions when validating address
- shared/termios: Fix static builds
- shared/idmap: Fix shared/ build on non-cgo
- shared/instancewriter/: Fix shared/ build on non-cgo
- shared/eagain: Restrict to Linux
- shared/subprocess: Restrict to unix
- lxd/db/generate: Move DB generator
- github: Replace Travis and Appveyor with Actions
- lxc/manpage: Add markdown, reST and YAML output
- i18n: Update translation templates
- lxd/device/gpu: Skip nvidia directories
- api: pci_device_type extension
- doc/instance: Add pci device type
- lxd/device: Free up the pci name
- lxd/device: Support for both pci= and address= in checker
- lxd/device/config: Add PCIDevice
- lxd/device/pci: Add NormaliseAddress
- lxd/device: Have validatePCIDevice take an address
- lxd/device: Add PCI device type
- lxd/instance/qemu: Rename qemuNetDevPhysical to qemuPCIPhysical
- lxd/instance/qemu: Add PCI device support
- cgroup: fix cgroup2 device driver settings
- doc/instances: Tweaks to make device type linking work
- doc/storage: Add mention of zfs.remove_snapshots
- simplestreams: Review and sanitize urls join
- lxd/storage/volume: Snapshot PUT is supposed to be blocking
- lxd/storage: Fix snapshot edit routes
- lxc/storage_volume: Use correct API for snapshots
- lxd/storage: Cleanup volume API endpoints
- lxd/instance/metadata: Fix API to line up with files
- client: Drop UpdateInstanceTemplateFile
- client: Drop UpdateInstanceTemplateFile
- client: Fix legacy UpdateContainerTemplateFile
- client: Rename SetInstanceMetadata to UpdateInstanceMetadata
- lxc/config: Switch to UpdateInstanceMetadata
- lxc/config: Always use CreateInstanceTemplateFile
- lxd/instance/metadata: Modernize instanceMetadataPut
- lxd/instance/metadata: Implement PATCH
- lxd/instance/snapshots: Implement PATCH
- lxd/storage: Tweak volume snapshot etag
- lxd/storage/volume/snapshot: Implement PATCH
- api: storage_volume_state extension
- shared/api: Add StorageVolumeState
- client: Add GetStoragePoolVolumeState
- lxd/storage: Add storagePoolVolumeTypeStateGet
- doc/rest-api: Add storage volume state API
- lxc/storage_volume: Add support for column argument
- lxc/storage_volume: Add usage column
- lxc/storage_volume: Add info subcommand
- i18n: Update translation templates
- lxd/instance/qemu: Don't use the RAM backend
- lxd/db/images: Include remote storage pools in GetPoolsWithImage
- lxd/db: Export function IsRemoteStorage
- lxd/resources: More flexible PCI handling
- lxd/resources: Make usb address handling match PCI
- lxd/resources: Use %q when possible
- lxd/images: Remove images backed by remote storage
- i18n: Update translations from weblate
試用環境 ¶
この新しい LXD リリースは私たちの デモサービス で利用できます。
ダウンロード ¶
このリリースの tarball は ダウンロードページ から取得できます。
ビルド済みバイナリーは次のように使えます:
- Linux: snap install lxd
- MacOS: brew install lxc
- Windows: choco install lxc
LXD 4.0.5 リリースのお知らせ ¶
2nd of February 2021
はじめに ¶
LXD チームが LXD 4.0.5 のリリースをお知らせします!
このリリースは、2025 年 6 月までサポートされる LXD 4.0 に対する 5 つめのバグフィックスリリースです。
バグ修正と改良 ¶
このリリースには、開発ブランチからの数カ月分のバグフィックスと細かな改善が含まれています。
主な変更点は次の通りです:
- GPU の媒介(mediated)デバイスをパススルーできるようになりました
- GPU の SR-IOV パススルーができるようになりました
- リソース API に IOMMU の詳細情報を追加しました
- リソース API にネットワークデバイスの USB アドレス情報を追加しました
- リソース API にディスクデバイスの PCI もしくは USB アドレス情報を追加しました
- ネットワーク state API に VLAN の詳細情報を追加しました
lxc listにメモリと CPU の使用状況のカラムを追加しましたlxc snapshotで--reuseオプションが使えるようになりましたlxc storage volume snapshotで--reuseオプションが使えるようになりました
コミットの全リストは次の通りです(翻訳なし):
- extract restart logic to new instance interface function of lxc and qemu
- scripts/bash: Fix snap handling
- extract common restart code to driver_common.go
- lxd/storage: Rename RunningSnapshotFreeze to RunningCopyFreeze
- lxd/storage: Ensure source is frozen during copy
- lxd/instance/drivers: Write out updated backup.yaml after rename
- lxd: Switch to new candid URL
- lxd/storage/zfs: No need to remove dashes from UUID
- shared: Drop GroupId and UserId
- lxd: Port to os/user
- lxd/daemon: Log protocol
- lxd/daemon: Pass writer to Authenticate
- lxd/daemon: Record username on unix queries
- lxd/storage: Lock during the whole image replace
- lxd/db/errors: Adds ErrNoClusterMember var used to indicate no cluster member has been found for a resource
- lxd/db/storage/volumes: Modifies GetStorageVolumeNodeAddresses to detect volumes that are not bound to a single node
- lxd/db/storage/volumes: Removes StorageVolumeIsAvailable
- lxd/response: Updates forwardedResponseIfVolumeIsRemote to accept poolName rather than poolID
- lxd/storage/volumes: forwardedResponseIfVolumeIsRemote usage
- lxd/storage/volumes/snapshot: forwardedResponseIfVolumeIsRemote usage
- lxd/project/project: Adds StorageVolumeProjectFromRecord function
- lxd/db/instances: Renames and reworks instanceListExpanded to InstanceList
- lxd/db/instances/export/test: Removes unused file
- lxd/db/instances/test: Renames TestInstanceListExpanded to TestInstanceList
- lxd/patches: driver.VolumeTypeNameToDBType usage
- lxd/profiles/utils: Comment on doProfileUpdateContainer for clarity
- lxd/response: cluster.ConnectIfVolumeIsRemote usage
- lxd/storage/drivers/driver/types: Adds VolumeMultiNode field to Info
- lxd/storage/drivers/driver/cephfs: Adds VolumeMultiNode=true to Info struct
- lxd/storage/utils: Renames VolumeTypeNameToType to VolumeTypeNameToDBType
- lxd/storage/utils: Adds VolumeDBTypeToTypeName function
- lxd/storage/utils: Comment consistency
- lxd/storage/utils: Renames and reworks VolumeUsedByRunningInstancesWithProfilesGet to VolumeUsedByInstances
- lxd/storage/utils: Adds VolumeUsedByExclusiveRemoteInstancesWithProfiles function
- lxd/cluster/connect: Reworks ConnectIfVolumeIsRemote to use storagePools.VolumeUsedByExclusiveRemoteInstancesWithProfiles
- lxd/storage/volumes: storagePools.VolumeTypeNameToDBType usage
- lxd/storage/volumes: Updates storagePoolVolumeTypePost to use updated storagePools.VolumeUsedByInstances
- lxd/storage/backend/lxd: Updates RestoreCustomVolume with VolumeUsedByInstances
- lxd/storage/utils: Removes VolumeUsedByInstancesGet function as not properly project compliant
- lxd/storage/volumes/utils: Replaces storagePools.VolumeUsedByInstancesGet usage with storagePools.VolumeUsedByInstances in storagePoolVolumeUsedByGet
- lxd/device/disk: Replace storagePools.VolumeUsedByInstancesGet usage with storagePools.VolumeUsedByInstances in storagePoolVolumeAttachShift
- lxd/endpoints: Update error string in test
- shared/simplestreams: Record variant
- shared/simplestreams: Fix sorting of images
- lxd/project/project: Updates StorageVolumeProjectFromRecord to not return error (as never populated)
- lxd/storage/utils: project.StorageVolumeProjectFromRecord usage
- lxd/instance/qmp: Merge Go routines
- shared/cancel: Close chDone on failure
- lxd: Only close doneCh on success
- exec: make sure to only use TIOCGPTPEER if available
- lxd/instance/drivers: Change memory backend
- lxd/instance/drivers: Add virtio-fs config drive template
- lxd/instance/drivers: Handle virtio-fs config drive
- lxd/instance/drivers: Add system unit file for virtio-fs config drive
- lxd/device/disk: Support virtio-fs
- lxd/device/disk: Handle alternative virtfs-proxy-helper location
- lxd-agent: Prefer virtio-fs over 9p
- lxd: Replace use of tx.GetProject with cluster.GetProject
- lxd/storage: VolumeTypeNameToDBType usage
- lxd/device/disk: storagePools.VolumeUsedByExclusiveRemoteInstancesWithProfiles usage
- lxd/storage/backend/lxd: Updates UpdateCustomVolume to check for online resize support when resizing
- lxd/db/storage/volumes: Adds workaround for old remote volume schema in GetStorageVolumeNodeAddresses
- lxd/instances: Fix virtiofsd for config drive
- lxd/instance/drivers: Issue warning if virtiofsd is missing
- lxd/device: Issue warning if virtiofsd is missing
- lxd/instance/drivers: Fix lxd-agent systemd unit conditions
- lxd/storage: Only freeze if not frozen
- lxd/device/sriov: Harden calls to ip link vf
- lxd/storage/zfs: Add support for clone_copy rebase
- lxd/qmp: Ensure checkbuffer is called
- lxd/virtiofs: Fix handling of config drive
- lxd/storage/lvm: Properly make lvm.thinpool_name node-specific
- lxd/instance/drivers/driver/qemu: Call MountInstanceSnapshot when mounting vm snapshots
- lxd/instance/drivers/driver/qemu: Ensure consistent mount state when restoring snapshot irrespective of whether instance was running
- lxd/instance/drivers/driver/lxc: Ensure consistent mount state when restoring snapshot irrespective of whether instance was running
- lxd/storage/drivers/volume: Comment clarification
- lxd/storage/drivers/driver/zfs/volumes: Only resurrect deleted image volume if same size in CreateVolume
- lxd/storage/drivers/driver/zfs/volumes: Improved logging
- lxd/storage/drivers/driver/zfs/volumes: Return ErrNotSupported in SetVolumeQuota when trying to resize an image block volume
- lxd/storage/drivers/driver/ceph/volumes: Only resurrect deleted image volume if same size in CreateVolume
- lxd/storage/drivers/driver/ceph/volumes: Improves logging in CreateVolume
- lxd/storage/drivers/driver/ceph/volumes: Don't allow image volume size in SetVolumeQuota
- lxd/storage/backend/lxd: Adds size to logging in SetInstanceQuota
- lxd/storage/backend/lxd: Update EnsureImage to resize/regenerate optimized image volumes if existing volume is different size than pool's volume.size setting
- lxd/storage/backend/lxd: Updates CreateInstanceFromImage to detect ErrCannotBeShrunk and create one-off non-optimized volume for instance
- lxd/storage/drivers/driver/ceph/utils: Updates getRBDMappedDevPath to allow control of mapping
- lxd/storage/drivers/driver/ceph/utils: d.rbdUnmapVolumeSnapshot on one line
- lxd/storage/drivers/driver/ceph/volumes: d.getRBDMappedDevPath usage
- lxd/storage/utils: Makes InstanceDiskBlockSize snapshot aware
- lxd/storage/drivers/driver/ceph/volumes: Removes extraneous comment
- lxd/storage/drivers/driver/ceph/volumes: Activate volume before genericVFSMigrateVolume in MigrateVolume
- lxd/storage/pool/interface: Adds MountInfo struct
- lxd/storage/pool/interface: Return MountInfo from MountInstance and MountInstanceSnapshot
- lxd/storage/backend/lxd: Populate MountInfo with OurMount and DiskPath in MountInstance
- lxd/storage/backend/lxd: Unexports getInstanceDisk
- lxd/storage/backend/lxd: Populates OurMount and DiskPath in MountInstanceSnapshot
- lxd/storage/utils: Updates InstanceDiskBlockSize to use MountInfo
- lxd/storage/backend/mock: Interface changes
- lxd/instance: Updates instanceCreateAsSnapshot to use MountInfo
- lxd/patches: Updates to use MountInfo
- lxd/instance/drivers/driver/lxc: Updates mount to return MountInfo and usage
- lxd/instance/drivers/driver/qemu: Updates mount to return MountInfo and usage
- lxd/storage/drivers/generic/vfs: Adds genericVolumeDiskFile constant for excluding generic disk block files
- lxd/storage/drivers/generic/vfs: Avoid using d.GetVolumeDiskPath in genericVFSMigrateVolume
- lxd/storage/drivers/generic/vfs: Use genericVolumeDiskFile in genericVFSGetVolumeDiskPath
- lxd/storage/drivers/driver/ceph/utils: Add logging to rbdMapVolume and rbdUnmapVolume
- lxd/storage/drivers/driver/ceph/utils: Updates getRBDMappedDevPath to support snapshots
- lxd/storage/drivers/driver/ceph/volumes: Updates MountVolume to return ourMount for block volumes
- lxd/storage/drivers/driver/ceph/volumes: Updates UnmountVolumeSnapshot to handle block volumes
- lxd/storage/drivers/driver/ceph/volumes: Renames RBDDevPath to devPath
- lxd/storage/utils: Improves logging and uses size value from vol.ConfigSizeFromSource in ImageUnpack
- lxd/storage/backend/lxd: Improves logging in CreateInstanceFromImage
- lxd/storage/backend/lxd: Improves logging and uses imgVol.ConfigSizeFromSource in EnsureImage
- doc/instances: Rephrase limits.memory.swap
- doc/instances: Typo fix
- lxd/storage: Use same defaults as "lxd init"
- lxd/instance/drivers/driver/qemu: Converts all supplied memory byte values to mebibytes for comparison
- lxd/rbac: Fix URL encoding
- lxd/cgroup: Fix V2 detection/handling
- lxd/cgroup: Add file read/writer
- lxd/cgroup: Fix controller detection
- lxd/cgroup: Add cpuset functions
- lxd/cgroup: Fix warning wording
- lxd/devices: Drop old workaround
- lxd/devices: Port to cgroup package
- lxd/instance: Replace CGroupGet/CGroupSet
- lxd/devices: Update to use cgroup abstraction
- lxd/cgroup: Implement proper typing
- lxd/cgroup: Change ParseCPU to return int64
- lxd/instance/lxc: Update for cgroup function changes
- lxd/cgroup: Improve naming
- lxd/instance: Update for new naming
- lxd/cgroup: Add V2 for GetBlkioWeight and SetBlkioWeight
- lxd/device: Move disk priority back to lxc
- lxd/cgroup: Fix get blkio weight
- lxd/cgroup: Add abstraction for SetBlkioLimit
- lxd/device: Port disk limits to abstraction
- lxd/db/storage/volumes: Renames GetStorageVolumeNodeAddresses to GetStorageVolumeNodes
- lxd/cluster/connect: Updates ConnectIfVolumeIsRemote to use tx.GetStorageVolumeNodes
- lxd/db/storage/volumes/test: Updates test for TestGetStorageVolumeNodes
- lxd/storage/utils: Updates VolumeUsedByInstances to accept an api.StorageVolume arg
- lxd/storage/utils: Updates VolumeUsedByExclusiveRemoteInstancesWithProfiles to use an api.StorageVolume arg
- lxd/storage/volumes/utils: Updates storagePoolVolumeUsedByGet to accept an api.StorageVolume arg
- lxd/cluster/connect: Updates ConnectIfVolumeIsRemote to use VolumeUsedByExclusiveRemoteInstancesWithProfiles with vol arg
- lxd/device/disk: Updates validateConfig to use storagePools.VolumeUsedByExclusiveRemoteInstancesWithProfiles with vol arg
- lxd/device/disk: Updates storagePoolVolumeAttachShift to use storagePools.VolumeUsedByInstances with vol arg
- lxd/storage/backend/lxd: Updates UpdateCustomVolume to use VolumeUsedByInstances with vol arg
- lxd/storage/backend/lxd: Updates RestoreCustomVolume to use VolumeUsedByInstances with vol arg
- lxd/storage/volumes: storagePoolVolumeUsedByGet usage
- lxd/storage/volumes: Updates storagePoolVolumeTypePost to use storagePools.VolumeUsedByInstances with a vol arg
- lxd/storage/volumes: Use db.StoragePoolVolumeTypeName constants
- lxd/storage/volumes: Updates storagePoolVolumeTypeGet to use storagePoolVolumeUsedByGet with a vol arg
- lxd/storage/volumes: Updates storagePoolVolumeTypeDelete to use storagePoolVolumeUsedByGet with a vol arg
- lxd/storage/volumes/snapshots: storagePoolVolumeUsedByGet usage
- lxd/storage/volumes/utils: Removes storagePoolVolumeAPI constants and converter functions
- lxd/patches: Recreates patchStoragePoolVolumeAPI constants and function for historical patches
- lxd/storage/volumes: Simplifies volume type in URL in storagePoolVolumes routes
- lxd/storage/volumes/snapshot: Simplifies volume type in URL generation
- lxd/storage/volumes: Updates storagePoolVolumeTypePostRename args
- lxd/storage/volumes: Removes unnecessary var init in storagePoolVolumeTypePostMove
- lxd/storage/drivers/driver/ceph/volumes: Fix rbd device leak in RenameVolume
- lxd/storage/drivers/generic/vfs: Use revert package in genericVFSRenameVolume
- lxd/storage/utils: Adds matching of instances on same node as local volume in VolumeUsedByInstances
- lxd/storage/volume: Removes need for loading storage volume when doing lxc storage volume attach
- lxd/storage/utils: Renames VolumeUsedByInstanceDevices and passes usedByDevices into callback function
- lxd/device/disk: storagePools.VolumeUsedByInstanceDevices usage
- lxd/storage/backend/lxd: VolumeUsedByInstanceDevices usage
- lxd/storage/utils: VolumeUsedByInstanceDevices usage
- lxd/storage/volumes/utils: storagePools.VolumeUsedByInstanceDevices usage
- lxd/storage/volumes: storagePools.VolumeUsedByInstanceDevices usage
- lxd/storage/volumes: Updates storagePoolVolumeTypePost to use updated storagePoolVolumeTypePostRename and storagePoolVolumeTypePostMove
- lxd/storage/volumes: Updates storagePoolVolumeTypePostRename to use updated storagePoolVolumeUpdateUsers
- lxd/storage/volumes: Updates storagePoolVolumeTypePostMove to use updated storagePoolVolumeUpdateUsers
- lxd/instance/drivers/driver/lxc: Removes common function LocalDevices implemented in LXC driver
- lxd/db/instances: Better errors in InstanceList
- lxd/storage/utils: Adds VolumeUsedByProfileDevices function
- lxd/storage/utils: Removes unused volume name matching logic in VolumeUsedByInstanceDevices
- lxd/storage/volumes/utils: Updates storagePoolVolumeUpdateUsers to use storagePools.VolumeUsedByProfileDevices and storagePools.VolumeUsedByInstanceDevices
- lxd/storage/volumes/utils: Updates storagePoolVolumeUsedByGet to use storagePools.VolumeUsedByProfileDevices
- lxd/storage/volumes/utils: Golint suggestions in storagePoolVolumeUsedByGet
- lxd/cluster/connect: Removes CLI command flag in error response in ConnectIfVolumeIsRemote
- lxd/storage: Fix building on stable-4.0
- lxd/db/storage/pools: Adds isRemoteStorage function
- lxd/db/storage/volumes: Updates storagePoolVolumeGetType to not populate Location when driver is remote
- lxd/db/storage/pools/test: Initialise db.StorageRemoteDriverNames in db_test package
- lxd/db: Removes duplicated db.StorageRemoteDriverNames init from tests
- lxd/locking/lock: Adds UnlockFunc type and updates Lock() signature
- lxd/storage/drivers/utils: Extends OperationLockName to take into account content type.
- lxd/storage/drivers/volume: Adds MountLock function
- lxd/storage/drivers/driver/lvm/utils: drivers.OperationLockName usage
- lxd/storage/backend/lxd: drivers.OperationLockName usage
- lxd/storage/drivers: Adds mount and unmount locking
- lxd/storage/drivers/volume: Removes locking from MountTask and UnmountTask
- lxd/instance/drivers/driver/lxc: Stop devices in two phases
- lxd/device/disk: Removes workaround for ceph disks now that disks are stopped after instance is stopped
- doc/rest-api: auth property is never set to guest
- lxd/apparmor: Workaround socket handling
- lxd/storage: Expand local config
- lxd/cgroup: Fix swap limits
- lxd/instance/lxc: Fix crash in cgroup function
- lxc/snapshot: Add reuse option
- lxc/storage: Add reuse option to snapshot
- i18n: Update translation templates
- lxd/instance: Removes instanceConfigureInternal
- lxd/instance: Replace instanceConfigureInternal usage with update backup file which was only relevant part
- lxd/storage/backend/lxd: Adds log to CreateInstanceFromMigration showing if migration volume size header not sent
- lxd/cgroup: Support SetCPUShare on V2
- lxd/cgroup: Implement SetCPUCfsLimit for V2
- lxd/instance/lxc: Port to SetCPUCfsLimit
- lxd/cgroup: Support CGroup V2 in ParseCPU
- lxd-agent: Don't allow connections when rebooting
- lxd/api/project: Reject quotes in project names
- lxd/instance/drivers/driver/lxc: Updates initLXC to use project and instance name in callhook hook commands
- lxd/instance/drivers/driver/lxc: Updates startCommon to quote hook command arguments
- lxd/main/callhook: Updates cmdCallhook to support using project name and instance name in arguments
- lxd/api/internal: Adds support for using instance name and project name in container hook routes
- lxd/storage: Apply rename template
- lxd/patches: Adds patchVMRenameUUIDKey patch to rename config key from volatile.vm.uuid to volatile.uuid
- shared/validate: Adds IsUUID function
- shared/instance: Adds volatile.uuid key to instance validation
- shared/instance: Removes vm.uuid from instance validation in ConfigKeyChecker
- doc/instances: Replaces volatile.vm.uuid with volatile.uuid
- lxd/instance/drivers/driver/qemu: Updates Start to use and populate volatile.uuid instead of volatile.vm.uuid
- lxd/instance/drivers/driver/lxc: Generate instance UUID if not set in startCommon
- lxd/instance/drivers/driver/qemu: Makes UUID generation terminology consistent with container
- lxc/list: Fix typo in help
- i18n: Update translation templates
- lxc/list: Add two new columns (memory % and CPU)
- i18n: Update translation templates
- doc: fix typos in instances.md
- lxd/storage/drivers/driver/zfs/volumes: Remove workarounds for snapshot volume mounting
- lxd/refcount: Adds ref counting package
- lxd/storage/drivers/volume: Adds ref counting functions
- lxd/storage/drivers/volume: Updates MountTask to use new MountVolume signature
- lxd/storage/pool/interface: Removes OurMount from MountInfo struct
- lxd/storage/pool/interface: Removes "our mount" bool return value from MountCustomVolume
- lxd/storage/drivers/interface: Removes "our mount" bool return value from MountVolume
- lxd/storage/drivers/errors: Adds ErrInUse error
- lxd/storage/drivers/drivers/mock: Updates MountVolume signature
- lxd/storage/drivers/utils: Error quoting in shrinkFileSystem
- lxd/storage/drivers/driver/btrfs/volumes: Updates MountVolume signature
- lxd/storage/drivers/driver/ceph/volumes: Adds ref counting to MountVolume and UnmountVolume
- lxd/storage/drivers/driver/cephfs/volumes: Updates MountVolume signature
- lxd/storage/drivers/driver/dir/volumes: Updates MountVolume signature
- lxd/storage/drivers/driver/lvm/volumes: Adds ref counting to MountVolume and UnmountVolume
- lxd/storage/drivers/driver/zfs/volumes: Adds ref counting to MountVolume and UnmountVolume
- lxd/storage/drivers/generic/vfs: Updates genericVFSBackupUnpack to use new MountVolume signature
- lxd/storage/utils: Adds InstanceMount and InstanceUnmount and updates InstanceDiskBlockSize to use them
- lxd/storage/backend/mock: Removes OurMount
- lxd/storage/backend/mock: Removes "our mount" bool return value from MountCustomVolume
- lxd/storage/backend/lxd: Updates mount functions to remove OurMount and use new MountVolume signature
- lxd/storage/backend/lxd/patches: b.driver.MountVolume usage
- lxd/instance/drivers/driver: Unexports common restart function
- lxd/instance/instance/interface: Removes deprecated StorageStart and StorageStop functions
- lxd/instance/drivers/driver/common: Import ordering
- lxd/instance/drivers/driver/lxc: Updates mount usage with ref counting in mind
- lxd/instance/drivers/driver/lxc: Removes deprecated StorageStart and StorageStop
- lxd/instance/drivers/driver/qemu: Updates mount usage with ref counting in mind
- lxd/instance/drivers/driver/qemu: Implements RegisterDevices
- lxd/instance/drivers/driver/qemu: Removes deprecated StorageStart and StorageStop
- lxd/patches: Updates instance mount usage
- lxd/instance/metadata: Removes use of c.StorageStart and c.StorageStop
- lxd/instance/test: Removes use of StorageStart
- lxd/instance: Updates instanceCreateAsSnapshot to use updated mount functions
- lxd/devices: Register devices on all instance types
- lxd/device/disk: Implements Register function
- lxd/device/disk: Updates mount function usage in mountPoolVolume
- lxd/instance/drivers/driver/qemu: mount fixes
- lxd/storage/backend/lxd: Adds revert to MountInstance
- lxd/storage/drivers/driver/ceph/volumes: Adds revert to MountVolume
- lxd/storage/drivers/driver/lvm/volumes: Adds revert to MountVolume
- lxd/storage/drivers/driver/zfs/volumes: Adds revert to CreateVolumeFromBackup
- lxd/storage/drivers/driver/zfs/volumes: Adds revert to MountVolume
- lxd/storage/drivers/driver/zfs/volumes: Simplifies MountVolumeSnapshot and adds revert for parent volume mount
- lxd/storage/drivers/generic/vfs: Adds revert to genericVFSBackupUnpack
- lxd/api/internal: Adds internalImportFromRecovery function for instance recovery import
- lxd/instances/post: Updates createFromBackup to use updated internalImport signature
- lxd/device/disk comments
- test/suites/backup: Updates lxd import tests to expect instance to be unmounted after import
- lxd/instance/drivers/driver/lxc: Moves instance mount before idmap related var loading
- lxd/instance/drivers/driver/lxc: Rotate log file same stage as VM for consistency
- lxd/instance/drivers/driver/qemu: Use instance.LoadByProjectAndName in getMonitorEventHandler
- test: Updates container_import tests to remove lxd import followed by kill and start test
- lxd/storage/backend/lxd: Detect unsupported live copy of VMs and fail with clear message
- lxd/instance/lxc: Add extra check for devpts_fd
- lxd/device/nic/bridged: Clarifies when device's Add function is called
- lxd/migrate/instance: Improves comments when instantiating migration.VolumeTargetArgs
- lxd/storage/backend/lxd: Improves comments when instantiating migration.VolumeTargetArgs
- lxd/storage/backend/lxd: Reject custom volume config if supplied in CreateInstanceFromMigration
- lxd/storage/drivers/driver/zfs/volumes: Use srcVol.NewVMBlockFilesystemVolume in CreateVolumeFromCopy
- lxd/storage/drivers/driver/zfs/volumes: Apply filesystem quota in CreateVolumeFromMigration
- lxd/storage/drivers/driver/btrfs/volumes: Apply quota in CreateVolumeFromMigration
- lxd/storage/drivers/driver: Makes size update consistent with other drivers in UpdateVolume
- lxd/storage/drivers/driver/cephfs/volumes: Use vol.ConfigSize() rather than vol.ExpandedConfig("size") for consistency with other drivers
- lxd/storage/drivers/driver/cephfs/volumes: Makes CreateVolumeFromMigration volume quota setting consistent with other non-block-backed drivers
- lxd/ap/internal: Improved error messages from instanceCreateInternal
- lxd/instance: Improved error messages from instanceCreateInternal
- lxd/instances/post: Improved error messages from instanceCreateInternal
- lxd/migrate/instance: Improved error messages from instanceCreateInternal
- lxd/device/disk: Only validate external disk source paths when real instance is loaded
- lxd/instance/drivers/driver/lxc: Remove user facing reference to "common start logic" in error
- lxd/instance/drivers/driver: Just log device add failures when adding device in non-user requested context
- lxd/instance/drivers/driver/lxc: Pass existing isRunning to c.updateDevices to avoid extra call to IsRunning()
- lxd/storage: Fix build on 4.0
- shared: Allow volatile uuid config keys
- lxd/instance/drivers: Support vgpu in qemu template
- lxd/instance/drivers: Support vgpu in VMs
- lxd/device/nic/sriov: Don't fail when resetting VF MAC to 00:00:00:00:00:00
- lxd/device/config: Allow gputype property
- lxd/device: Support mdev GPUs
- doc: Document mdev config key
- api: Add gpu_mdev
- lxc/info: Show mdev profiles
- po: Update translation
- lxd/images: Replace fp with fingerprint in logs
- lxd/daemon/images: Add contextual logging and use "fingerprint" rather than "image" for consistency with other code areas
- lxd/profiles/utils: Remove container references, improve comments
- lxd/db/profiles: Updates GetInstancesWithProfile to return all instance types, not just containers
- shared/instance: Improves comments
- lxd/profiles: Use project.ProfileProject instead of tx.ProjectHasProfiles
- test/suites/projects: Fix bug in test that assumed project wasn't checked for existence
- lxd/profiles/utils: Updates doProfileUpdate and doProfileUpdateCluster to return project and instance name in error
- lxd/device/device/interface: Moves updatable fields from CanHotPlug() into UpdatableFields()
- lxd/device/errors: Adds ErrCannotUpdate error
- lxd/device/device/common: Updates common implementation of CanHotPlug() and UpdatableFields()
- lxd/device/disk: Adds UpdatableFields function based on instance type
- lxd/device/disk: Only apply running IO limits to containers in Update
- lxd/device/nic/bridged: Adds UpdatableFields function and removes custom CanHotPlug function
- lxd/device/nic/ipvlan: Updates CanHotPlug function
- lxd/device/nic/p2p: Removes custom CanHotPlug function and adds UpdatableFields function
- lxd/device/nic/routed: Splits CanHotPlug function into new CanHotPlug and UpdatableFields functions
- lxd/instance/drivers/driver/lxc: Updates device management functions to use new CanHotPlug and UpdatableFields functions
- lxd/instance/drivers/driver/qemu: Updates device management functions to use new CanHotPlug and UpdatableFields functions
- lxd/device/config/devices/sort: Improves comments in Less
- lxd/device/disk: Removes use of global logger and use device contextual logger
- lxd/device/disk: Rework volatile apply_quota key handling to support virtual machines
- lxd/refcount: Adds Get function
- lxd/storage/backend/lxd: Removes dependence on RunningQuotaResize in SetInstanceQuota
- lxd/storage/backend/lxd: Removes dependence on RunningQuotaResize in UpdateCustomVolume
- lxd/storage/errors: Removes ErrRunningQuotaResizeNotSupported
- lxd/storage/drivers/volume: Adds MountInUse function
- lxd/storage/drivers/utils: Adds vol.MountInUse usage to ensureVolumeBlockFile
- lxd/storage/drivers/utils: Adds filesystemTypeCanBeShrunk and updates shrinkFileSystem to use it
- lxd/storage/drivers/utils: Updates growFileSystem to use DefaultFilesystem
- lxd/storage/drivers/driver/types: Removes RunningQuotaResize
- lxd/storage/drivers: Renames drivers_mock.go to driver_mock.go to align with other driver naming
- lxd/storage/drivers/driver/mock: Removes RunningQuotaResize
- lxd/storage/drivers/driver/btrfs: Updates BTRFS to use ensureVolumeBlockFile's in-use detection
- lxd/storage/drivers/driver/dir: Updates to use ensureVolumeBlockFile's in-use detection
- lxd/storage/drivers/driver/ceph/utils: Adds resizeVolume function
- lxd/storage/drivers/driver/ceph: Removes RunningQuotaResize
- lxd/storage/drivers/driver/ceph/volumes: Reworks SetVolumeQuota to be more aligned with LVM driver structure
- lxd/storage/drivers/driver/cephfs: Removes RunningQuotaResize
- lxd/storage/drivers/driver/lvm: Removes RunningQuotaResize
- lxd/storage/drivers/driver/lvm/volumes: Updates SetVolumeQuota to use Volume's in-use detection
- lxd/storage/drivers/driver/zfs: Removes RunningQuotaResize
- lxd/storage/drivers/driver/zfs/volumes: Updates SetVolumeQuota to use Volume's in-use detection
- lxd/storage/utils: Updates validatePoolCommonRules to differentiate VM volumes and filesystem volumes
- lxd/instance: Error quoting and logging improvements in instanceCreateInternal
- lxd/instance/drivers/driver/lxc: Adds revert to lxcCreate
- lxd/instance/drivers/driver/qemu: Adds revert to qemuCreate
- lxd/storage/backend/lxd: Set the correct volume content type for custom volumes
- lxd/project/project: Adds ProfileProject and ProfileProjectFromRecord functions
- lxd/db/storage/volumes: Adds content type constants and populates ContentType field in storagePoolVolumeGetType
- lxd/storage/backend/lxd: Use volume's ContentType field in MountCustomVolume
- lxc/info: Extend mdev details
- i18n: Update translation templates
- lxd/device/disk: Ignore ErrNotRunning for virtfs-proxy-helper
- lxd/patches/utils: Adds legacy volumeFillDefault function for patches
- lxd/patches: Updates patches to switch from driver.VolumeFillDefault to volumeFillDefault
- lxd/storage/drivers/interface: Adds FillVolumeConfig
- lxd/storage/drivers/driver/common: Adds FillVolumeConfig no-op for common drivers
- lxd/storage/drivers/driver/{ceph,lvm}: Adds FillVolumeConfig function to populate default filesystem settings
- lxd/storage/utils: Updates VolumeDBCreate to accept a Pool and call driver.FillVolumeConfig
- lxd/storage/backend/lxd: VolumeDBCreate usage
- lxd/storage/utils: Removes VolumeFillDefault and VolumeValidateConfig
- lxd/storage/pool/interface: Adds FillInstanceConfig
- lxd/storage/backend/lxd: Implements FillInstanceConfig
- lxd/storage/backend/mock: Adds FillInstanceConfig
- lxd/instance/drivers/driver/lxc: Updates lxcCreate to use storagePool.FillInstanceConfig
- lxd/instance/drivers/driver/qemu: Updates qemuCreate to use storagePool.FillInstanceConfig
- lxd/instance/drivers: Better errors in instance create functions
- lxd/storage/backend/mock: Return storage pool ID 1 rather than -1 to allow tests to run
- lxd/instance/qemu: Always render disk
- Support zstd compression.
- lxd-agent: Don't rely on systemd for rebooting
- lxd/instance: Move id field to common
- lxd/instance/common: Use 'd' as main variable
- lxd/instance/qemu: Rename d to dev
- lxd/instance/qemu: Replace vm with d
- lxd/instance/lxc: Rename d to dev
- lxd/instance/lxc: Replace c with d
- lxd/instance: Move most properties to common
- lxd/instance: Move common functions to drive_common
- shared/instance: golint fixes
- shared/instance: Adds ConfigVolatilePrefix constant
- shared/instance: ConfigVolatilePrefix usage
- shared/instance: Adds InstanceIncludeWhenCopying function
- lxd/copy: shared.InstanceIncludeWhenCopying usage in copyInstance
- lxc: shared.ConfigVolatilePrefix usage
- lxd: shared.ConfigVolatilePrefix usage
- lxd/instances/post: shared.InstanceIncludeWhenCopying usage in createFromCopy
- lxd/storage: Add volatile idmap setting debug log to resetContainerDiskIdmap
- lxd/device/disk: Include network-config in cidata
- lxd/instance: Fix build on 4.0
- lxd/resources: Add GetNetworkState and GetNetworkCounters
- lxd/storage/pools/utils: Updates comment and error for storagePoolCreateLocal
- lxd/storage/pools: Error quoting
- lxd/networks: Whitespace
- lxd/network/driver/bridge: Adds some basic revert to setup()
- lxd/network/driver/bridge: Only initialise revert if config has changed
- lxd/network/driver/bridge: Fix incorrect return value
- api: add resources_pci_iommu extension
- shared/api: Add IOMMUGroup field to ResourcesPCIDevice
- Add IOMMU group value to PCI devices
- lxd/instance: Use revert package in instanceCreateFromImage
- lxd/storage/backend/lxd: Remove revert from CreateInstanceFromImage
- lxd/storage/drivers/driver/common: Enable unsafe resize mode in runFiller when unpacking into image volumes
- lxd/storage/drivers/driver/ceph/volume: Allow image resize when in unsafe mode in SetVolumeQuota
- lxd/storage/drivers/driver/zfs/volume: Allow image resize when in unsafe mode in SetVolumeQuota
- lxd/storage/backend/lxd: Log new volume size in CreateInstanceFromImage
- lxd/instance/qemu: Follow symlink to lxd-agent
- lxd/db/networks: Comments
- lxd/network/network/interface: Updates init to take api.Network and network nodes map
- lxd/network/network/interface: Adds LocalStatus
- lxd/network/network/load: Updates LoadByName to pass network nodes from s.Cluster.GetNetworkInAnyState to init()
- lxd/db/networks: Adds NetworkState type and uses it in place of int
- lxd/db/networks: Renames networkFillStatus to NetworkStateToAPIStatus
- lxd/db/networks: Adds NetworkNode type
- lxd/db/networks: Exports NetworkNodes and updates to return map of NetworkNodes
- lxd/db/networks: Updates GetNonPendingNetworks usage of NetworkNodes()
- lxd/db/networks: Modifies getNetwork and GetNetworkInAnyState to return map of NetworkNodes for network
- lxd/db/networks: Exports NetworkNodes
- lxd/db/networks: c.GetNetworkInAnyState usage
- lxd/db/networks: Updates comments to reference state constants
- lxd/patches: d.cluster.GetNetworkInAnyState usage
- lxd/api/cluster: d.cluster.GetNetworkInAnyState usage
- lxd/device/nic: d.state.Cluster.GetNetworkInAnyState usage
- lxd/network/driver/common: Adds LocalStatus function and store node info inside network via init()
- lxd/network/driver/bridge: Only perform local date if local status is api.NetworkStatusCreated
- lxd/networks: Updates doNetworksCreate to skip creation if node is already marked created
- lxd/networks: d.cluster.GetNetworkInAnyState usage
- lxd/networks: Don't skip network clean up if network is pending in networkDelete()
- lxd/db/migration/test: cluster.GetNetworkInAnyState usage
- lxd/network/network/interface: Adds IsManaged function
- lxd/network/driver/common: Adds IsManaged function and associated internal variable
- lxd/networks: Prevent rename of pending networks
- lxd/network/driver: Only apply local DB change in Update() when local node is in pending state
- lxd/networks: Updates networksPostCluster to only mark global network states as created once all nodes created
- lxd/networks: Reduce duplicate query loading network in networkPut and doNetworkUpdate
- lxd/networks: Prevent update of global network config when network is pending in networkPut
- lxd/network/bridge: Also delete on unknown status
- lxd/instance/qemu: Fix GPU passthrough
- lxd/instance/operations: Allow Wait/Done on nil struct
- lxd/instance/lxc: Improve use of operations
- lxd/instance/lxc: Improve locking on file ops
- lxd/instance/operations: Introduce CreateWaitGet
- lxd/instance: Introduce restart tracking
- Makefile: Fix golint URL
- lxd/network/driver/bridge: Improve IP parsing errors
- lxd/network/driver/bridge: Don't fill default config on update
- lxd/network/driver/bridge: Regenerate auto values on update
- test/suites/network: Adds test for unsetting ipv4.address and ipv6.address
- test/suites/network: Adds test for regeneration of auto values
- doc/networks: Clarify bridge default auto values
- lxd/device/disk: Only validate disk source pool when an actual instance is set
- test/suites/migration: Adds tests for copying instance with snapshots containing invalid disk devices
- lxc-to-lxd: Fix handling on snap
- lxd/instance: Bypass delete protection for internal calls
- lxd/instance/qemu: Improve state handling
- lxd/instance/operationlock: Allow Reset
- lxd/instance/qemu: Stretch start/stop timeout
- lxd/instance/qemu: Increase virtiofsd timeout to 10s
- lxd/instance/qemu: Move more logic into qemuArchConfig
- lxd/instance: Add Info function
- lxd/instance: Add SupportedInstanceDrivers
- lxd/instance: Add driver cache
- lxd/api: Show all instance drivers
- lxd/qemu: Don't stop processing events on shutdown
- lxd/rbac: Improve access to user information
- lxd/daemon: Improve request context
- lxd/rbac: Move userIsAdmin and userHasPermission
- lxd: Move to new RBAC helpers
- lxd/storage/volumes: Error quoting in storagePoolVolumesTypePost
- lxd/storage/volumes: Fixes misleading comment in storagePoolVolumesPost
- lxd/storage/volumes: Error quoting in storagePoolVolumesPost
- lxd/networks: Use SmartError for response when loading networks
- lxd/project: Add new FilterUsedBy helper
- lxd: Filter all UsedBy based on RBAC
- lxc/file: Fix typo in fileGetWrapper
- lxc/restore: Fix typo in help
- lxd/networks: Fix bad logging level
- lxd/daemon: Fix bad permission check
- lxd/storage/drivers/generic: Fix VM rename with ZFS
- lxd/instance: Remove duplicate event
- lxd/instance/common: Implement lifecycle wrapper
- lxd/instance/lxc: Port to new wrapper
- lxd/instance/lxc: Lock restore operations
- lxd/instance/qemu: Port to new wrapper
- lxd/instance/qemu: Lock restore operations
- lxd/backup: Add lifecycle events
- lxd/network: Add lifecycle function
- lxd/network: Implement create wrapper
- lxd/network: Add lifecycle events
- lxd/cluster/request/clienttype: Moves client type constants and helper into own package
- lxd/cluster/connect: Removes client type constants and helper
- lxd: Updates use of ClientType now moved to cluster/request package
- lxd/networks: Ensure etag generation uses its own copy of config in networkPut
- lxd/networks: Comment in networksPostCluster
- lxd/networks: Corrects log level in networksPostCluster
- lxd/networks: golint fix
- lxd/db/networks: Removes unused NetworkErrored function
- lxd/db/networks: Updates network state comments to indicate node usage
- lxd/apparmor/qemu: Allow some more files
- lxd/storage/drivers/drivers/zfs/volumes: Fixes 10s delay when using VMs with ZFS in snap
- lxd/instance: Adds per-struct contextual logger.
- lxd/instance/drivers: Fixes instanceType in instance logger
- i18n: Update translation templates
- Revert "lxd/db/networks: Removes unused NetworkErrored function"
- lxd/db/storage/pools: Updates storage pool state comments to indicate node usage
- lxd/db/storage/pools: Replace use of networkCreated with storagePoolCreated in getStoragePool
- lxd/storage/pools/utils: Consistent comment endings
- lxd/storage/pools/utils: Fix comment in storagePoolCreateLocal
- lxd/storage/pools: Add logging for storage pool state updates in storagePoolsPostCluster
- lxd/db/storage/pools: Updates comment on StoragePoolCreated
- lxd/storage/pools: Fix copy paste error in comment
- lxd/storage/load: Updates GetPoolByName to use state.Cluster.GetStoragePoolInAnyState
- lxc/storage: Adds --target flag support to cmdStorageSet
- lxd/db/storage/pools: Adds StoragePoolState type and updates state constants to be of that type
- lxd/db/storage/pools: Adds StoragePoolNode type
- lxd/db/storage/pools: StoragePoolState usage
- lxd/db/storage/pools: Adds storagePoolNodes function
- lxd/db/storage/pools: Updates storage pool load functions to return nodes
- lxd/db/storage/pools: Updates storagePoolNodes to return map of StoragePoolNode
- lxd/db/storage/pools: c.GetStoragePoolInAnyState usage
- shared/api/storage/pool: Adds storage pool status constants
- lxd/db/storage/pools: Adds StoragePoolStateToAPIStatus and updates getStoragePool to use it
- lxd/patches: d.cluster.GetStoragePoolInAnyState usage
- lxd/api/cluster: d.cluster.GetStoragePoolInAnyState usage
- lxd/backup/backup/config: c.GetStoragePool usage
- lxd/daemon/storage: s.Cluster.GetStoragePool usage
- lxd/device/disk: d.state.Cluster.GetStoragePool usage
- lxd/instance/post: d.cluster.GetStoragePool usage
- lxd/instances/post: d.cluster.GetStoragePoolInAnyState usage
- lxd/storage/pools: d.cluster.GetStoragePoolInAnyState usage
- lxd/storage/volumes/snapshot: d.cluster.GetStoragePool usage
- lxd/storage/pool/interface: Adds Description, Status and LocalStatus functions to definition
- lxd/storage/backend/mock: Adds Description, Status and LocalStatus functions
- lxd/storage/backend/lxd: Adds Description, Status, LocalStatus functions and adds nodes property
- lxd/storage/load: state.Cluster.GetStoragePoolInAnyState usage and populates pool nodes in GetPoolByName
- lxd/storage/pool/interface: Adds IsUsed and Create functions
- lxd/storage/backend/lxd: Exports Create and adds IsUsed
- lxd/storage/backend/mock: Adds IsUsed and Create
- lxd/storage/load: Deprecates CreatePool
- lxd/storage/load: Updates CreatePool to initialise empty node list
- lxd/db/migration/test: cluster.GetStoragePool usage
- lxd/storage/pools: Removes unused storagePoolValidateClusterConfig, storagePoolClusterConfigForEtag, storagePoolClusterFillWithNodeConfig functions
- lxd/storage/pools/utils: Removes unused storagePoolUpdate
- lxd/api/cluster: Updates client type usage to new package
- lxd/storage/load: Updates deprecated CreatePool to use client type
- lxd/patches: storagePools.CreatePool usage
- lxd/storage/pool/interface: Replaces localOnly and driverOnly indicators with clientType
- lxd/storage/backend/mock: Replace localOnly and driverOnly with clientType
- lxd/storage/drivers/driver/ceph: Simplify Delete logic
- lxd/api/cluster: Removal special casing for ceph/cephfs
- lxd/storage/backend/lxd: Adds protection against using a pending pool
- lxd/storage: Adds target support to cmdStorageGet
- lxd/storage/pools: Updates storagePoolsPostCluster to only forward non-node specific config
- shared: Add IsUserConfig() utility function
- lxd/config: Allow user keys in server config
- lxd/storage/backend/lxd: Comment typo fix
- lxd/storage/drivers/driver/btrfs/volumes: Enable allowUnsafeResize in CreateVolume when creating initial image volume
- lxd/storage/drivers/utils: Updates ensureVolumeBlockFile to return unsupported when trying to resize image volume without allowUnsafeResize enabled
- lxd/storage/utils: Ensure pool's volume.size is checked when unpacking images to pools that use file based images
- lxd/instance/qemu: Deref OVMF path
- lxc: Clarify --compression option
- doc/image-handling: Update compression details
- i18n: Update translation templates
- lxd/rbac: Fix checks by matching proper name
- api: Add resources_network_usb and resources_disk_address
- shared/api: Add PCIAddress/USBAddress on network and storage
- lxd/resources: Add PCIAddress/USBAddress for networks and disks
- lxd/storage/drivers/utils: Modifies roundVolumeBlockFileSizeBytes to round up
- lxd/storage/drivers/utils: roundVolumeBlockFileSizeBytes usage
- lxd/storage/drivers/driver/zfs/utils: Use roundVolumeBlockFileSizeBytes in createVolume
- lxd/storage/drivers/driver/zfs/volumes: Use roundVolumeBlockFileSizeBytes in CreateVolume
- lxd/storage/drivers/driver/zfs/volumes: Use roundVolumeBlockFileSizeBytes in SetVolumeQuota
- lxd/storage/backend/lxd: Use revert in CreateInstanceFromCopy
- lxd/storage/backend/lxd: Don't fail in DeleteInstance if DB record already removed
- lxd/instance: Use revert in instanceCreateAsCopy
- lxd/storage/drivers/driver/ceph/volumes: Whitespace
- lxd/storage/drivers/driver/ceph/volumes: Adds a hasVolume function that accepts an RBD volume name
- lxd/storage/drivers/driver/ceph/volumes: Fixes issue in DeleteVolume that prevented image volume deletion if no readonly snapshot existed
- lxd/storage/backend/lxd: Return error in EnsureImage when cannot delete orphaned volume
- doc/networks: Mention DNSSEC setting
- lxd/storage/pools/utils: Updates storagePoolCreateLocal to mark local node state as created
- lxd/db/storage/pools: Removes unused function StoragePoolErrored
- lxd/storage/pools: Adds doStoragePoolUpdate function
- lxd/storage/pools/utils: Updates storagePoolCreateLocal to use GetPoolByName
- lxd/storage/pools: Reworks storagePoolDelete to only delete locally if node has created state
- lxd/storage/pools: Reworks storagePoolPut and calls storagePoolPut from storagePoolPatch
- lxd/storage/backend/lxd: Reworks Update to only apply changes to local node if not pending
- lxd/storage/backend/lxd: Replace localOnly and driverOnly with clientType
- lxd/storage/pools: Switch to clientType
- lxd/storage/pools/utils: Switch to clientType
- lxd/db/storage: Hardcode unknown node state
- tests: Add test for import after deleted snapshot
- lxd/instances: Update backup file when deleting a snapshot
- lxd/instance/lxc: Fix backup.yaml delete logic to trigger properly
- lxd/instance/qemu: Also update backup.yaml on snapshot delete
- lxd/instance/qemu: Update backup.yaml on startup
- lxd/db/storage/pools: Comment wrapping
- lxd/storage/backend/lxd: Prevent modification of source field on non-pending nodes
- lxd/storage/drivers/driver/lvm: Comment typo
- lxd/apparmor/qemu: Allow ceph snap paths
- lxd/network/network/interface: Adds Project function
- lxd/network/driver/common: Adds Project function
- lxd/network/driver: Always delete when requested, ignore LocalStatus() pending
- lxc/networks: Remove revert removal on failure of clustered network in networksPost
- lxd/networks: Allow re-create of pending network when pending nodes already exist in networksPost
- lxd/networks: Adds revert to doNetworksCreate
- shared/api: Fix typo
- shared/api: Add NetworkStateVLAN
- lxd/resources: Add VLAN struct
- api: Add network_state_vlan
- lxd/instance/qmp: Update for go-qmp change
- lxd/backup: Fix URL in lifecycle events
- Add DeepSource config
- Use result of type assertion to simplify cases
- Replace .Sub(time.Now()) with time.Until() handler
- Remove unnecessary fmt.Sprintf() on string
- Omit comparison with boolean constant
- lxd/network/driver/common: Remove cluster notification and DB record removal from delete() function
- lxd/networks: Moves cluster notification an DB record removal into networkDelete
- lxd/db/networks: Adds duplicate key detection to getNetworkConfig
- lxd/instance/drivers/qmp/monitor: Handle closed event channel from qmp package in run
- lxd/instance/drivers/driver/qemu: Logs when instance is stopped in getMonitorEventHandler
- lxd/instance/operationlock: Fixes deadlock caused by call to Reset in Create
- lxd/instance/operationlock: Store operation in instanceOperations before calling go routine
- lxd/instance/operationlock: Exit go routine started in Create when the operation is done
- lxd/device: allow adding proxy device to VM instances
- lxd/instance/drivers: run device post-start hooks in QEMU driver
- doc: update
proxydoc to reflect VM support - lxd/device/nic/routed: Switches to network.InterfaceExists for clarity
- lxd/device/nic/routed: Remove host side veth interface if exists in postStop
- lxd/db/networks: Changes UpdateNetwork to not set created status
- lxd/networks: Updates doNetworksCreate to accept a Network rather than load its own
- lxd/networks: Debug log consistency in doNetworksCreate
- lxd/networks: doNetworksCreate usage
- lxd/networks: When auto creating pending nodes, don't pass global config into DB function in networksPost
- lxd/networks: Adds networkPartiallyCreated helper function
- lxd/networks: Updates networksPostCluster to detect existing global config and skip create if already exists
- lxd/api/cluster: Skip non-created networks when joining
- lxd/device/nic: Don't allow NICs to use networks that are not created
- lxd/db/networks: Renames ClusterTx GetNonPendingNetworks to GetCreatedNetworks
- lxd/db/networks: Renames Cluster GetNonPendingNetworks to GetCreatedNetworks
- lxd/api/cluster: cluster.GetCreatedNetworks usage
- lxd/networks: s.Cluster.GetCreatedNetworks usage
- lxd/patches: tx.GetCreatedNetworks usage
- lxd/db/networks: Tighten restrictions in CreatePendingNetwork to only allow pending nodes to be added while network is pending
- lxd/networks: Allow single node cluster network create using --target
- lxd/storage/pools/utils: Debug log consistency in storagePoolCreateLocal
- lxd/db/storage/pools: Adds duplicate key detection to getStoragePoolConfig
- lxd/storage/pools: storagePoolsPost comments line width
- lxd/db/storage/pools: Adds StoragePoolErrored function
- lxd/db/storage/pools: Renames GetNonPendingStoragePoolNames to GetCreatedStoragePoolNames
- lxd/api/cluster: cluster.GetCreatedStoragePoolNames usage
- lxd/storage: s.Cluster.GetCreatedStoragePoolNames usage
- lxd/storage/pools: Restructures storagePoolsPost to align with networksPost
- lxd/storage/pools: Updates storagePoolsPostCluster to reject global config on re-create attempts
- lxd/storage/pools: Adds storagePoolPartiallyCreated function
- lxd/db/storage/pools: Improve errors in CreatePendingStoragePool
- stable-4.0: Remove debug/accidental files
- lxd/db/networks: Corrects comment on GetCreatedNetworks
- lxd/networks: Prevent re-create attempts on errored networks
- lxd/networks: Don't allow config modification on errored networks in networkPut
- lxd/network/driver/bridge: Don't apply updates to node when network is pending
- lxd/storage/pools: Prevent re-create attempts on errored pools
- lxd/storage/backend/lxd: Prevent changing pool node source if pool state isn't pending
- lxd/storage/backend/lxd: Only apply local node changes if both pool and node status are not pending
- lxd/storage/pools: Dont allow config modification on errored pools in storagePoolPut
- test/suites/clustering: Adds adapted tests for stable-4.0 clustered storage setup
- test/suites/clustering: Adds adapted tests for stable-4.0 clustered network setup
- shared/util: Adds StringHasPrefix function
- lxd/device/disk: Adds sourceIsLocalPath function
- lxd/device/disk: Use shared.StringHasPrefix when validating ceph/cephfs prefixes
- lxd/device/disk: Use d.sourceIsLocalPath when validating source host path exists
- lxd/instance/qemu: Enable multiqueue on tap NICs
- lxd/instance/qemu: Use a minimum of 2 network queues
- lxd/storage/drivers/driver/zfs/volumes: Error quoting in RestoreVolume
- lxd/storage/backend/lxd: Don't fail in DeleteInstanceSnapshot if volume DB record already deleted
- lxd/storage/backend/lxd: Fix deleting subsequent snapshots for ZFS in RestoreInstanceSnapshot
- lxd/instances/post: Use source.Project when loading instance to get instance type in containersPost
- lxd/instances/post: Error quoting in containersPost
- lxd/instances/post: Add comment about default instance type for migration in containersPost
- lxd/instances/post: Populate req.Source.Project with project.Default if not specified in containersPost
- test/suites/projects: Adds tests for copying snapshot to another project
- lxd/instances/post: Rename project to targetProject to differentiate between source.Project in containersPost
- lxd/instances/project: Import project package normally and rename project var to projectName
- doc/image-handling: Fix typo
- shared/proxy: Support CIDR ranges in
no_proxy - simplestreams: Drop duplicated slash
- lxd/instance/drivers/qmp: Fix race in Disconnect
- test/suites/static/analysis: Fixes ineffassign usage due to upstream changes
- lxd/instance: Copy snapshot expiry in instanceCreateAsCopy
- lxd/migration: Rebuilds protobuf using protoc v3.14 and latest google.golang.org/protobuf/cmd/protoc-gen-go
- lxd/migration: Adds expiry_date field to snapshots protobuf
- lxd/migrate/instance: Populate expiry date in snapshotToProtobuf
- lxd/migrate/storage/volumes: Populate zero expiry date in volumeSnapshotToProtobuf
- lxd/storage/migration: Populate expiry date in snapshotProtobufToInstanceArgs
- lxd/migration/migration/volumes: Updates TypesToHeader and MatchTypes to use a pointer to MigrationHeader
- lxd/migrate/instance: Avoid copying migration.MigrationHeader due to new internal state lock added by protobuf
- lxd/migrate/storage/volumes: Avoid copying migration.MigrationHeader due to new internal state lock added by protobuf
- lxd/migrate/instance: Fix snapshotToProtobuf to not use loop pointer for device name
- lxd/storage/migration: Conistently use accessor functions in snapshotProtobufToInstanceArgs
- test/suites/snapshots: Adds test for local copy of snapshot expiry date
- test/suites/migration: Adds test for copying snapshot expiry date during migration
- test/suites/migration: Adds test to ensure snapshot devices are copied during migration
- lxd/storage/quota/projectquota: Consistent comment endings and error quoting
- lxd/storage/drivers/driver/dir/utils: Updates setQuota to remove old quota if volID has changed
- lxd/storage/drivers/driver/dir/utils: Modifies setupInitialQuota to not use initQuota
- lxd/api/internal: Updates internalImportFromRecovery to reinitialise root disk quota
- lxd: Rename Operation types
- lxd/db: Rename operation type descriptions
- lxd/network/network/interface: Adds handleDependencyChange function
- lxd/network/driver/common: Adds notifyDependentNetworks function and no-op placeholder handleDependencyChange function
- lxd/resources: Always initialize lists
- lxd/storage/utils: Improves error message in VolumeUsedByExclusiveRemoteInstancesWithProfiles
- lxd/db/instances: Updates InstanceList to accept filter to pass to GetInstances()
- lxd/db/instances: Clarifies comment and arg name on GetLocalInstancesInProject
- lxd/db/instances/test: cluster.InstanceList usage
- lxd/storage/utils: s.Cluster.InstanceList usage
- lxd/patches: InstanceList usage
- lxd/network/network/utils/sriov: Adds SR-IOV allocation functions
- lxd/network/network/utils/sriov: Updates SRIOVGetHostDevicesInUse to use InstanceList()
- lxd/network/network/utils/sriov: Adds network usage support to SRIOVGetHostDevicesInUse
- lxd/network/network/utils/sriov: SRIOVGetHostDevicesInUse usage
- lxd/network/network/utils/sriov: Updates SRIOVFindFreeVirtualFunction args to not need Device
- lxd/network/network/utils/sriov: Adds SRIOVGetVFDevicePCISlot function
- lxd/network/network/utils: Adds InterfaceBindWait function
- lxd/device/pci: Adds PCI device management package
- lxd/device/infiniband/sriov: SRIOV network function usage
- lxd/device/nic/physical: Use pci package
- lxd/device/gpu: Use pci package
- lxd/device/nic/sriov: network.InterfaceBindWait
- lxd/device/nic/sriov: Use pci package
- lxd/device/nic/sriov: SRIOV network function usage
- lxd/device/nic/sriov: Comment clarity in setupSriovParent
- lxd/device/nic/sriov: Removes networkGetVFDevicePCISlot function
- lxd/device/device/utils/generic: Removes pci functions
- lxd/device/device/utils/network: Removes networkInterfaceBindWait function
- lxd/device/device/utils/instance: Removes instanceGetReservedDevices function
- lxd/network/driver/bridge: Comment improvements
- lxd/init: Clarify https listener question
- client: Fix output of GetClusterMemberNames
- openvswitch/ovs.go: Simplify return in Installed method
- rbac/server.go: Sleep for seconds instead of nanoseconds
- lxd/instance/drivers/driver/qemu: Updates SaveConfigFile to return nil
- lxd/api/internal: Updates internalImportFromRecovery to call inst.SaveConfigFile
- test/suites/backup: Adds test to check exec works after recovery of running container
- cluster/raft/file_snapshot.go: defer after checking error
- lxd/storage/drivers/driver/cephfs/volumes: Updates RenameVolume newName arg to newVolName to bring inline with other drivers
- lxd/storage/drivers/driver/ceph/volumes: Fix UnmountVolume to actually deactivate VM block volumes
- lxd/storage/drivers/driver/ceph/volumes: Fix RenameVolume to also rename FS volume for VM volumes
- lxc/network: Adds support for attaching instance to a managed network using
networkproperty - test/suites/container/devices/proxy: Ensure ipv6 nat tests use a network with stateful DHCPv6 enabled
- test/suites/network: Updates static IPv6 allocation test to actually test stateful DHCPv6
- test/suites/container/devices/nic/bridged: Improve validation of DHCPv6 allocation
- lxc/query: Prevent using --project
- i18n: Update translation templates
- lxd/utils: Compare all addresses from lookup in IsAddressCovered, lxc#8340
- lxd/resources: Support DMI for CPU information
- lxd/device/nic/routed: Ensure IP neighbour proxy entries are removed on stop
- lxd/device/nic/routed: Adds duplicate address detection
- lxd/device/disk: Validate size field properly
- lxd/device/nic/bridged: Only attempt to release DHCP leases if bridge interface exists
- lxd/device/nic/bridged: Improve error context prefix in networkClearLease
- lxd/device/nic/bridged: Use %q for error quoting in networkClearLease
- lxd/device/nic/bridged: Improve error context prefix in State
- lxd/instance: Fix progress on ceph instance move
- lxd/storage/backend/lxd: Use volume config in UpdateInstanceBackupFile so that volume.block.filesystem setting is used
- lxd/storage/drivers/utils: Adds filesystem being used to TryMount error
- lxd: Smarter handling of volatile keys in projects
- lxd/project: Strip volatile on copy/migrate
- tests: Update project restrictions test
- lxd/instance/drivers/driver/lxc: Umount instance after CRIU state path check in Restore
- lxd/instance/drivers/driver/lxc: Avoid duplicated call to UpdateBackupFile in Restore
- lxd/instance/drivers/driver/lxc: Log instance restarting after snapshot restore
- lxd/instance/drivers/driver/lxc: Always run UpdateBackupFile in Update
- lxd/instance/drivers/driver/qemu: Removes unnecessary call to UnmountInstance in Restore
- lxd/instance/drivers/driver/qemu: Remove unnecessary call to UpdateBackupFile
- lxd/instance/drivers/driver/qemu: Log instance restarting after snapshot restore
- lxd/instance/drivers/driver/lxc: Copy parent volume config to snapshot volume config in lxcCreate
- lxd/instance/drivers/driver/qemu: Copy parent volume config to snapshot volume config in qemuCreate
- doc/rest-api: Fix typo
- doc/rest-api: Fix missing escaping
- lxd/instance: Tweak error and resource links
- client: Adds support for bulk instance state change.
- test/suites/snapshots: Adds snapshot block.filesystem config check for LVM & Ceph
- shared/api: Adds support for bulk instance state change.
- shared/api: Change mass update API
- client: Re-order functions
- lxd: Rename container functions
- lxd/instance_state: Simplify
- lxd/instance: Refactor state handling
- lxd/instance/drivers: Move ephemeral restart logic
- lxd/db/instances: Improve error message from CreateInstanceConfig
- lxd/instance/drivers/driver/common: Adds insertConfigkey function
- lxd/instance/drivers/driver/lxc: Updates FillNetworkDevice to use d.insertConfigkey
- lxd/instance/drivers/driver/qemu: Updates FillNetworkDevice to use d.insertConfigkey
- lxd/vm: Expose ISO images as SCSI cdroms
- lxd/storage: Cleanup CreateInstanceFromCopy
- lxd/storage/utils: Updates VolumeDBCreate to accept volume and content type typed arguments
- lxd/storage/backend/lxd: Error quoting and wrapping
- lxd/storage/backend/lxd: Expand argument type in updateVolumeDescriptionOnly
- lxd/storage/backend/lxd: VolumeDBCreate updated usage
- lxd/instance/drivers/driver/lxc: Fix volatile config key scoping issue in FillNetworkDevice
- lxd/instance/drivers: Detect failed volatile key generation
- lxc/instance/drivers/driver/common: Removes empty value check from insertConfigkey
- lxd/instance/drivers/driver/common: Prevent existing row check from wiping out desired key value in insertConfigkey
- lxd/instance/drivers: More checks and error contexts in FillNetworkDevice
- lxd/db/query/retry: Adds detection of checkpoint in progress to IsRetriableError
- lxd/instance/drivers/driver/qemu: Error alignment with container driver in Rename
- lxd/storage/utils: Improves error in VolumeDBCreate
- lxd/db/storage/volumes: Populates ProjectName field in GetLocalStoragePoolVolumeSnapshotsWithType
- lxd/instance/drivers/driver/lxc: Error context in Rename
- lxd/instances/post: Unwraps long error and using double quotes placeholder
- lxd/instance/instance/interface: Adds TemplateTrigger type and constants for template trigger types
- lxd/instance: Adds instanceCreateAsCopyOpts argument for instanceCreateAsCopy options
- lxd/instances/post: instanceCreateAsCopy updated usage
- lxd/instance/instance/interface: Updates DeferTemplateApply to accept TemplateTrigger type argument
- lxd/instance/drivers/driver/common: Updates DeferTemplateApply to accept a TemplateTrigger type argument
- lxd/storage/backend: inst.DeferTemplateApply usage
- lxd/instances/post: inst.DeferTemplateApply usage
- lxd/instance/drivers/driver/lxc: Updates templateApplyNow to accept a TemplateTrigger argument
- lxd/instance/drivers/driver/lxc: d.templateApplyNow usage
- lxd/instance/drivers/driver/qemu: Updates templateApplyNow to accept a TriggerTemplate type argument
- lxd/instance/drivers/driver/qemu: d.templateApplyNow usage
- lxd/instance/instance/interface: Adds applyTemplateTrigger argument to Rename
- lxd/instance/drivers/driver/lxc: Adds applyTemplateTrigger argument to Rename
- lxd/instance/drivers/driver/qemu: Adds applyTemplateTrigger argument to Rename
- lxd/instance/post: inst.Rename usage
- lxd/instance/snapshot: sc.Rename usage
- lxd/storage/backend/lxd: Removes call to deferred template apply in RenameInstance
- lxd/instance/test: c.Rename usage
- shared/api: Add Pool field to InstancePost
- client: Add extension check for pool migration
- test: Add tests for volatile.apply_template config during create, copy and move
- test: Adds check for volatile.apply_template state after rename
- test: Add test for moving instance between pools without renaming
- lxd/images: Skip keys with empty values
- lxd/device: Fix instance type validations
- shared/instance: Adds ErrNoRootDisk error var and returns it from GetRootDiskDevice
- lxd/instance: Enforces that target instance should have valid root disk config after DB create in instanceCreateAsCopy
- lxd/instance: Don't assume root disk is called "root" when copying snapshots from a source instance
- lxd/instance/drivers/driver_qemu: attempt to kill qemu proc on stop
- lxd/instance/driver_qemu: Add check for qemu cmdline args to pid()
- forkproxy: prevent zombies
- lxd: Change some references of container to instance in comments
- lxd/instance/post: Change error message to instance from container in instancePost
- lxd/main/forkdns: Returns empty AAAA record response when equivalent A record exists
- lxd/main/forkdns: Fixes typo in comment
- test: Adds test for empty AAAA response when equivalent A record exist in clustering forkdns
- lxd/device/pci: Consider DeviceUnbind successful on missing driver
- shared/validate: Validate PCI addresses
- lxd/device/gpu: Validate PCI addresses
- lxd/device: Add function to validate PCI path
- lxd/device: Add support for GPU SR-IOV
- api: gpu_sriov extension
- doc: Add SR-IOV GPU
- lxd/device/gpu_mdev: Valdiate PCI address and path
- lxd/device/gpu_physical: Validate PCI address and path
- lxd/instance/qemu: Cleanup VGA ROM check
- lxd/network/driver/bridge: Update DHCPv4Subnet to return fan bridge address subnet when in fan mode
- lxd/device/nic/bridge: Updates validateConfig to use parent networks DHCP subnet functions when validating address
- Revert "test: Add test for moving instance between pools without renaming"
- tests: Fix for stable-4.0
- shared/termios: Fix static builds
- shared/idmap: Fix shared/ build on non-cgo
- shared/instancewriter/: Fix shared/ build on non-cgo
- shared/eagain: Restrict to Linux
- shared/subprocess: Restrict to unix
- lxd/db/generate: Move DB generator
- github: Replace Travis and Appveyor with Actions
- README: Update for 4.0
- lxc/manpage: Add markdown, reST and YAML output
- i18n: Update translation templates
- lxd/device/gpu: Skip nvidia directories
- lxd/device: Free up the pci name
- lxd/device: Support for both pci= and address= in checker
- lxd/device/pci: Add NormaliseAddress
- lxd/device: Have validatePCIDevice take an address
- lxd/instance/qemu: Rename qemuNetDevPhysical to qemuPCIPhysical
- cgroup: fix cgroup2 device driver settings
試用環境 ¶
この新しい LXD リリースは私たちの デモサービス で利用できます。
ダウンロード ¶
このリリースの tarball は ダウンロードページ から取得できます。
ビルド済みバイナリーは次のように使えます:
- Linux: snap install lxd
- MacOS: brew install lxc
- Windows: choco install lxc
LXD 4.10 リリースのお知らせ¶
8th of January 2021
はじめに ¶
LXD チームは LXD 4.10 のリリースをお知らせできることにとてもワクワクしています!
このリリースは軽めのリリースです。それは、LXD チームは 12 月 18 日から 1 月 4 日までお休みをいただいていたためです。しかし、多くのバグフィックスといくつか新しい改良が行われました。
Enjoy!
新機能とハイライト ¶
ネットワークの状態表示内の VLAN 情報 ¶
ボンディングやブリッジの情報のように、新たに VLAN 構造をネットワーク状態のエンドポイントに追加しました。これは下位デバイスとインターフェースの VLAN ID を表示します。
root@abydos:~# lxc query /1.0/networks/bond-sw01.100/state
{
"addresses": [],
"bond": null,
"bridge": null,
"counters": {
"bytes_received": 213651991756,
"bytes_sent": 42453202,
"packets_received": 97607519,
"packets_sent": 431818
},
"hwaddr": "0a:0f:7c:6e:db:d9",
"mtu": 1500,
"state": "up",
"type": "broadcast",
"vlan": {
"lower_device": "bond-sw01",
"vid": 100
}
}
VM のプロキシーデバイスのサポート(NAT のみ) ¶
仮想マシンで proxy デバイスが使えるようになりました。
これは NAT モード(nat=true)でのみ機能するので、両サイドで同じプロトコルを使う必要があります。
ブリッジポートの隔離 ¶
ブリッジネットワークインターフェースに新たに security.port_isolation を追加しました。これによりインターフェース間の通信を制限できるようになりました。
イメージプロパティに関する新しいサブコマンド ¶
イメージプロパティへのアクセス、設定、解除のために、新たに lxc image コマンドに 3 つの新しいサブコマンドを追加しました。
- lxc image get-property
- lxc image set-property
- lxc image unset-property
例 :
stgraber@castiana:~$ lxc image get-property 305db7054652 os Ubuntu stgraber@castiana:~$ lxc image set-property 305db7054652 foo bar stgraber@castiana:~$ lxc image get-property 305db7054652 foo bar stgraber@castiana:~$ lxc image unset-property 305db7054652 foo stgraber@castiana:~$
VM 内のマルチキューネットワーキング ¶
仮想マシン上のネットワークインターフェースは、仮想マシンに割り当てられた仮想 CPU の数と一致するように RX キューおよび TX キューの数を自動的に設定するようになりました。
これにより、高速ネットワークを扱う場合には特にネットワークパフォーマンスが大幅に向上するはずです。
すべての変更点(翻訳なし) ¶
このリリースでの完全な変更点のリストは次のとおりです:
- lxd/network/network/interface: Adds Project function
- lxd/network/driver/common: Adds Project function
- lxd/network/driver/common: Remove cluster notification and DB record removal from delete() function
- lxd/network/driver: Always delete when requested, ignore LocalStatus() pending
- lxc/networks: Remove revert removal on failure of clustered network in networksPost
- lxd/networks: Allow re-create of pending network when pending nodes already exist in networksPost
- lxd/networks: Adds revert to doNetworksCreate
- lxd/networks: Moves cluster notification an DB record removal into networkDelete
- shared/api: Fix typo
- shared/api: Add NetworkStateVLAN
- lxd/resources: Add VLAN struct
- api: Add network_state_vlan
- lxd/instance/qmp: Update for go-qmp change
- lxd/backup: Fix URL in lifecycle events
- Add DeepSource config
- Use result of type assertion to simplify cases
- Replace .Sub(time.Now()) with time.Until() handler
- Remove unnecessary fmt.Sprintf() on string
- Omit comparison with boolean constant
- lxd/db/networks: Adds duplicate key detection to getNetworkConfig
- lxd/db/networks: Adds NetworkErrored function
- lxd/db/networks: Changes UpdateNetwork to not set created status
- lxd/network/driver/ovn: Reject instance port start if cannot find DHCP options
- lxd/networks: Updates doNetworksCreate to accept a Network rather than load its own
- lxd/networks: Debug log consistency in doNetworksCreate
- lxd/networks: doNetworksCreate usage
- lxd/networks: When auto creating pending nodes, don't pass global config into DB function in networksPost
- lxd/networks: Adds networkPartiallyCreated helper function
- lxd/networks: Updates networksPostCluster to detect existing global config and skip create if already exists
- lxd/api/cluster: Skip non-created networks when joining
- lxd/device/nic: Don't allow NICs to use networks that are not created
- lxd/db/networks: Renames ClusterTx GetNonPendingNetworks to GetCreatedNetworks
- lxd/db/networks: Renames Cluster GetNonPendingNetworks to GetCreatedNetworks
- lxd/api/cluster: cluster.GetCreatedNetworks usage
- lxd/network: tx.GetCreatedNetworks usage
- lxd/networks: s.Cluster.GetCreatedNetworks usage
- lxd/patches: tx.GetCreatedNetworks usage
- test/suites/clustering: More network clustering tests
- lxd/db/networks: Tighten restrictions in CreatePendingNetwork to only allow pending nodes to be added while network is pending
- lxd/networks: Allow single node cluster network create using --target
- lxd/db/cluster/update: Adds patch updateFromV41 function
- lxd/storage/pools/utils: Debug log consistency in storagePoolCreateLocal
- lxd/db/storage/pools: Adds duplicate key detection to getStoragePoolConfig
- lxd/storage/pools: storagePoolsPost comments line width
- lxd/db/storage/pools: Adds StoragePoolErrored function
- lxd/db/storage/pools: Renames GetNonPendingStoragePoolNames to GetCreatedStoragePoolNames
- lxd/api/cluster: cluster.GetCreatedStoragePoolNames usage
- lxd/storage/pools/utils: Renames id arg to poolID in storagePoolCreateLocal
- lxd/storage: s.Cluster.GetCreatedStoragePoolNames usage
- lxd/storage/pools: Restructures storagePoolsPost to align with networksPost
- lxd/storage/pools: Updates storagePoolsPostCluster to reject global config on re-create attempts
- lxd/storage/pools: Adds storagePoolPartiallyCreated function
- test/suites/clustering: Updates storage pool status tests
- lxd/db/storage/pools: Improve errors in CreatePendingStoragePool
- test/suites/clustering: Adds additional storage pool state tests
- lxd/db/cluster/update: Adds patch updateFromV42 function
- lxd/device: Add support for bridge port isolation
- api: Add instance_nic_port_isolation extension
- lxd/instance/drivers/qmp/monitor: Handle closed event channel from qmp package in run
- lxd/instance/drivers/driver/qemu: Logs when instance is stopped in getMonitorEventHandler
- lxd/instance/operationlock: Fixes deadlock caused by call to Reset in Create
- lxd/instance/operationlock: Store operation in instanceOperations before calling go routine
- lxd/instance/operationlock: Exit go routine started in Create when the operation is done
- lxd/network/driver/ovn: Detect IPv6 DHCP options correctly
- lxd/device: allow adding proxy device to VM instances
- lxd/instance/drivers: run device post-start hooks in QEMU driver
- doc: update
proxydoc to reflect VM support - lxd/device/nic/routed: Switches to network.InterfaceExists for clarity
- lxd/device/nic/routed: Remove host side veth interface if exists in postStop
- lxd/network/driver/ovn: Adds support for physical uplink interface to be a bridge
- lxd/db/networks: Corrects comment on GetCreatedNetworks
- lxd/network/driver/physical: Clarify error when changing parent interface when in use
- lxd/network/driver/bridge: Don't apply updates to node when network is pending
- lxd/network/driver: Don't apply changes to node if network is pending
- lxd/storage/backend/lxd: Only apply local node changes if both pool and node status are not pending
- lxc/image: Add support for directly getting, setting and unsetting image properties
- i18n: Update translation templates
- lxd/db/cluster/update: Modifies updateFromV43 and updateFromV42 to use IFNULL(node_id, -1) to avoid nodes with 0 ID
- lxd/db/cluster: Adds updateFromV43 patch that adds unique index to storage_pools_config and networks_config table
- doc: features.networks is not enabled by default for projects
- shared/util: Adds StringHasPrefix function
- lxd/device/disk: Adds sourceIsLocalPath function
- lxd/device/disk: Use shared.StringHasPrefix when validating ceph/cephfs prefixes
- lxd/device/disk: Use d.sourceIsLocalPath when validating source host path exists
- lxd/instance/qemu: Enable multiqueue on tap NICs
- lxd/instance/qemu: Use a minimum of 2 network queues
- lxd/storage/drivers/driver/zfs/volumes: Error quoting in RestoreVolume
- lxd/storage/backend/lxd: Don't fail in DeleteInstanceSnapshot if volume DB record already deleted
- lxd/storage/backend/lxd: Fix deleting subsequent snapshots for ZFS in RestoreInstanceSnapshot
- lxd/instances/post: Use source.Project when loading instance to get instance type in containersPost
- lxd/instances/post: Rename project to targetProject to differentiate between source.Project in containersPost
- lxd/instances/post: Error quoting in containersPost
- lxd/instances/post: Add comment about default instance type for migration in containersPost
- lxd/instances/project: Import project package normally and rename project var to projectName
- lxd/instances/post: Populate req.Source.Project with project.Default if not specified in containersPost
- test/suites/projects: Adds tests for copying snapshot to another project
- doc/image-handling: Fix typo
- shared/proxy: Support CIDR ranges in
no_proxy - simplestreams: Drop duplicated slash
- lxd/instance/drivers/qmp: Fix race in Disconnect
- test/suites/static/analysis: Fixes ineffassign usage due to upstream changes
- lxd/instance: Copy snapshot expiry in instanceCreateAsCopy
- lxd/migration: Rebuilds protobuf using protoc v3.14 and latest google.golang.org/protobuf/cmd/protoc-gen-go
- lxd/migration: Adds expiry_date field to snapshots protobuf
- lxd/migrate/instance: Populate expiry date in snapshotToProtobuf
- lxd/migrate/storage/volumes: Populate zero expiry date in volumeSnapshotToProtobuf
- lxd/storage/migration: Populate expiry date in snapshotProtobufToInstanceArgs
- lxd/migration/migration/volumes: Updates TypesToHeader and MatchTypes to use a pointer to MigrationHeader
- lxd/migrate/instance: Avoid copying migration.MigrationHeader due to new internal state lock added by protobuf
- lxd/migrate/storage/volumes: Avoid copying migration.MigrationHeader due to new internal state lock added by protobuf
- lxd/migrate/instance: Fix snapshotToProtobuf to not use loop pointer for device name
- lxd/storage/migration: Conistently use accessor functions in snapshotProtobufToInstanceArgs
- test/suites/snapshots: Adds test for local copy of snapshot expiry date
- test/suites/migration: Adds test for copying snapshot expiry date during migration
- test/suites/migration: Adds test to ensure snapshot devices are copied during migration
- lxd/storage/quota/projectquota: Consistent comment endings and error quoting
- lxd/storage/drivers/driver/dir/utils: Updates setQuota to remove old quota if volID has changed
- lxd/storage/drivers/driver/dir/utils: Modifies setupInitialQuota to not use initQuota
- lxd/api/internal: Updates internalImportFromRecovery to reinitialise root disk quota
- lxd/network/openvswitch/ovn: Adds mayExist argument to LogicalRouterAdd
- lxd/network/openvswitch/ovn: Adds mayExist argument to LogicalRouterSNATAdd
- lxd/network/openvswitch/ovn: Simplifies LogicalRouterRouteAdd
- lxd/network/openvswitch/ovn: Adds mayExist argument to LogicalRouterPortAdd
- lxd/network/openvswitch/ovn: Adds LogicalRouterSNATDeleteAll function
- lxd/network/openvswitch/ovn: Clear unused keys in LogicalSwitchSetIPAllocation
- lxd/network/openvswitch/ovn: Adds support for clearing unused settings in LogicalRouterPortSetIPv6Advertisements
- lxd/network/openvswitch/ovn: Adds LogicalRouterPortDeleteIPv6Advertisements function
- lxd/network/driver/ovn: Enforce that ipv6.address if specified is at least a /64 subnet
- lxd/network/driver/ovn: Pass update flag to mayExist where possible
- lxd/network/driver/ovn: Delete SNAT rules from route before adding new ones
- lxd/network/driver/ovn: Improve SNAT failure errors
- lxd/network/driver/ovn: Pass update to mayExists when setting up default routes
- lxd/network/driver/ovn: Create internal router port before DHCP option setup
- lxd/network/driver/ovn: Modifies IPv6 RA settings and removes them entirely when IPv6 disabled
- lxd/network/driver/ovn: Don't return DHCPv6 subnet if IPv6 prefix smaller than /64
- lxd: Rename Operation types
- lxd/db: Rename operation type descriptions
- lxd/network/network/interface: Adds handleDependencyChange function
- lxd/network/driver/common: Adds notifyDependentNetworks function and no-op placeholder handleDependencyChange function
- lxd/network/driver/ovn: Adds handleDependencyChange function
- lxd/network/driver/physical: Calls notifyDependentNetworks when config is updated
- lxd/network/openvswitch/ovn: Adds LogicalRouterDNATSNATDeleteAll function
- lxd/network/openvswitch/ovn: Clarifies DNAT_AND_SNAT related function comments
- lxd/network/openvswitch/ovn: Adds LogicalSwitchPortExists function
- lxd/network/driver/ovn: Moves instance NIC port config parsing into InstanceDevicePortConfigParse function
- lxd/network/driver/ovn: Updates InstanceDevicePortAdd to accept an uplinkConfig argument
- lxd/network/driver/ovn: Clarifies argument names in the context of an OVN dependent network in handleDependencyChange
- lxd/network/driver/ovn: Updates handleDependencyChange to handle changes to uplink network's ovn.ingress_mode setting
- lxd/device/nic/ovn: Updates NIC to use d.network.InstanceDevicePortConfigParse and updated d.network.InstanceDevicePortAdd
- lxd/resources: Always initialize lists
- lxd/storage/utils: Improves error message in VolumeUsedByExclusiveRemoteInstancesWithProfiles
- lxd/db/instances: Updates InstanceList to accept filter to pass to GetInstances()
- lxd/db/instances: Clarifies comment and arg name on GetLocalInstancesInProject
- lxd/db/instances/test: cluster.InstanceList usage
- lxd/storage/utils: s.Cluster.InstanceList usage
- lxd/network/driver/ovn: n.state.Cluster.InstanceList usage
- lxd/patches: InstanceList usage
- lxd/network/network/utils/sriov: Adds SR-IOV allocation functions
- lxd/network/network/utils/sriov: Updates SRIOVGetHostDevicesInUse to use InstanceList()
- lxd/network/network/utils/sriov: Adds network usage support to SRIOVGetHostDevicesInUse
- lxd/network/network/utils/sriov: SRIOVGetHostDevicesInUse usage
- lxd/network/network/utils/sriov: Updates SRIOVFindFreeVirtualFunction args to not need Device
- lxd/network/network/utils/sriov: Adds SRIOVGetVFDevicePCISlot function
- lxd/network/network/utils: Adds InterfaceBindWait function
- lxd/device/pci: Adds PCI device management package
- lxd/device/infiniband/sriov: SRIOV network function usage
- lxd/device/nic/physical: Use pci package
- lxd/device/gpu: Use pci package
- lxd/device/nic/sriov: network.InterfaceBindWait
- lxd/device/nic/sriov: Use pci package
- lxd/device/nic/sriov: SRIOV network function usage
- lxd/device/nic/sriov: Comment clarity in setupSriovParent
- lxd/device/nic/sriov: Removes networkGetVFDevicePCISlot function
- lxd/device/device/utils/generic: Removes pci functions
- lxd/device/device/utils/network: Removes networkInterfaceBindWait function
- lxd/device/device/utils/instance: Removes instanceGetReservedDevices function
- lxd/network/driver/bridge: Comment improvements
- lxd/network/driver/ovn: Updates addChassisGroupEntry to generate chassis priority using stable random value
- i18n: Update translations from weblate
- lxd/init: Clarify https listener question
- doc: Fixes typo in macvlan NIC section
試用環境 ¶
この新しい LXD リリースは私たちの デモサービス で利用できます。
ダウンロード ¶
このリリースの tarball は ダウンロードページ から取得できます。
ビルド済みバイナリーは次のように使えます:
- Linux: snap install lxd
- MacOS: brew install lxc
- Windows: choco install lxc
LXD 4.9 リリースのお知らせ¶
11th of December 2020
はじめに ¶
LXD チームは LXD 4.9 のリリースをお知らせできることにとてもワクワクしています!
このリリースには、オースティンにあるテキサス大学の学生からの次のコントリビューションが含まれています:
- プロジェクトに対する
limits.instances設定 - サーバー情報に qemu ドライバーとバージョンを表示
- リソース API 内に
IOMMUグループを表示 - サーバー設定内の
user.設定
それに加えて、GPU の媒介(mediated)デバイスのパススルーが使えるようになり、ライフサイクルイベントにいくつか改良をほどこし、リソース API へいくつか追加を行い、zstd 圧縮が使えるようになり、OVN ユーザーのための様々な新しいオプションを追加しています。
Enjoy!
新機能とハイライト ¶
仮想マシンに対する GPU 媒介デバイス ¶
LXDで、媒介デバイス(mediated device)をサポートしているGPUから媒介デバイスを割り当てることができるようになり、それを仮想マシンにアタッチできるようになりました。
これは、新たに導入された gpu のための設定 gputype によって行います。設定値は現時点では次の値をサポートしています:
physical(全 GPU。従来のデフォルトの動作)mdevプロファイルを指定するための追加のmdevキーと組み合わせて使います
lxc info --resources でも mdev プロファイルが表示されるようになりました。
GPU:
NUMA node: 0
Vendor: Intel Corporation (8086)
Product: HD Graphics 620 (5916)
PCI address: 0000:00:02.0
Driver: i915 (5.8.0-29-generic)
DRM:
ID: 0
Card: card0 (226:0)
Control: controlD64 (226:0)
Render: renderD128 (226:128)
Mdev profiles:
- i915-GVTg_V5_4 (1 available)
low_gm_size: 128MB
high_gm_size: 512MB
fence: 4
resolution: 1920x1200
weight: 4
- i915-GVTg_V5_8 (2 available)
low_gm_size: 64MB
high_gm_size: 384MB
fence: 4
resolution: 1024x768
weight: 2
PCI デバイスの IOMMU グループ ¶
リソース API(/1.0/resources)の PCI セクションのデバイスそれぞれには、IOMMU グループの ID を示す iommu_group が表示されるようになりました。
これは、パススルーネットワークや GPU デバイスを仮想マシンに追加する前に IOMMU トポロジーを確認するのにとても役立ちます。
stgraber@castiana:~$ lxc query /1.0/resources | jq .pci.devices[-1]
{
"driver": "xhci_hcd",
"driver_version": "5.8.0-29-generic",
"iommu_group": 16,
"numa_node": 0,
"pci_address": "0000:3c:00.0",
"product": "JHL6540 Thunderbolt 3 USB Controller (C step) [Alpine Ridge 4C 2016]",
"product_id": "15d4",
"vendor": "Intel Corporation",
"vendor_id": "8086"
}
サーバ環境情報内の QEMU バージョン表示 ¶
次の lxc info の実行例に表示されているように、システムの QEMU のバージョンが driver と driver_version に含まれるようになりました。
stgraber@castiana:~$ lxc info | grep " driver" driver: lxc | qemu driver_version: 4.0.0 (devel) | 5.2.0
ライフサイクルイベントの改良 ¶
ライフサイクルイベントを実装しなおして拡張しました。
現時点の完全なリストは次のとおりです:
- instance-created
- instance-renamed
- instance-deleted
- instance-updated
- instance-started
- instance-stopped
- instance-shutdown
- instance-restarted
- instance-paused
- instance-resumed
- instance-snapshot-create
- instance-snapshot-renamed
- instance-snapshot-deleted
- instance-restored
- instance-backup-created (new)
- instance-backup-renamed (new)
- instance-backup-deleted (new)
- network-created (new)
- network-updated (new)
- network-renamed (new)
- network-deleted (new)
お気づきのように、従来の container と virtual-machine のプレフィックスが混じった状態ではなく、一貫して instance が使われるようになりました。バックアップのためにイベントが不足していた問題がいくつか解消され、ネットワークイベントの初期カバレッジも追加されました。
user. キーがすべてのオブジェクトで使用可能に¶
このリリースで、設定を保持するすべての LXD オブジェクト内で user. キーが使えるようになりました。これらのキーは、追加のコンテキストを保存する必要がある外部のオーケストレーションシステムやモニタリングシステムで特に役に立ちます。
最近、これらのキーはサーバ自身を除くすべてのオブジェクトで使えましたが、これが解決されました。
stgraber@castiana:~$ lxc config set user.foo bar stgraber@castiana:~$ lxc config get user.foo bar
USB・ネットワークリソースの usb_address と pci_address プロパティ ¶
usb_address フィールドが、新たにソース API 内のネットワークとストレージデバイスの両方に追加されました。USB 接続がなされた際、デバイスの <bus>:<dev> で表示されます。これは PCI デバイスの pci_address にとても似ています。
同時に、ストレージデバイスになかった pci_address フィールドも追加されました。
stgraber@castiana:~$ lxc query /1.0/resources | jq .storage.disks[-1]
{
"block_size": 512,
"device": "8:0",
"device_id": "usb-Kingston_DataTraveler_3.0_08606E6B6612BE50D7168119-0:0",
"device_path": "pci-0000:00:14.0-usb-0:1:1.0-scsi-0:0:0:0",
"firmware_version": "PMAP",
"id": "sda",
"model": "DataTraveler 3.0",
"numa_node": 0,
"partitions": [
{
"device": "8:1",
"id": "sda1",
"partition": 1,
"read_only": false,
"size": 7863254528
}
],
"read_only": false,
"removable": true,
"rpm": 0,
"serial": "08606E6B6612BE50D7168119",
"size": 7864320000,
"type": "usb",
"usb_address": "2:7"
}
OVN ネットワークの ipv4.dhcp と ipv6.dhcp ¶
OVN ネットワークで IPv4 と IPv6 の DHCP をそれぞれ無効化できるようになりました。
これは、従来のマネージドブリッジと同様に、ipv4.dhcp と ipv6.dhcp の設定により行います。
物理ネットワーク上の ovn.ingress_mode ¶
OVN ネットワークに外部アドレスもしくはサブネットを割り当てる場合、特定の OVN ルーターがそのトラフィックを取り扱っていることを上流のゲートウェイに知らせる必要があります。
これまでは、L2 プロキシーを使って行っており、事実上 OVN は、処理を行わなければいけないネットワークとインスタンス上で、アップリンクネットワーク上の ARP/NDP パケットに対して応答することになっています。
これは多くのケースでうまく機能し、外部でルートを設定する必要はなくなります。しかし、OVN 自体で個別のアドレスレコードが必要となり、特に大きなサブネットではスケールしません(IPv4 での /24 や IPv6 での /64 を考えてみてください)。
このようなケースのために、新たに ovn.ingress_mode という設定が追加され、routed と設定できるようになりました。これは上流のルーターが、どのサブネットがどの OVN ルーターにルーティングされるのかを知っているため、OVN が各単独のアドレスごとに個別に処理する必要がないことを示しています。
これを https://github.com/stgraber/lxd-bgp のようなものと組み合わせて、上流のルーターのダイナミックなルーティング・プロトコルを使って、関連する OVN ルーターに対する必要なルートを自動的に設定できます。
物理ネットワーク上の ipv4.routes.anycast と ipv6.routes.anycast ¶
前のエントリーに関連して、LXD がルーティングされたサブネットに対して実行するチェックをバイパスするために、2つの新しい設定が追加されました。
この設定だけで、ふたつのネットワークのバックで使われたり、同時にふたつのインスタンスに割り当てられたりするのを防ぎます。しかし、外部ルーティングとダイナミックルーティングをサポートすることで、anycast を行うことができるようになります。
これがサポートされている環境では、ipv4.routes.anycast と ipv6.routes.anycast を true に設定し、サブネットの重複チェックを回避し、ふたつのインスタンスが同じパブリックアドレスを保持できるようにし、トラフィックの取得の決定を上流ルーターに任せることができます。
limits.instances プロジェクトオプション ¶
プロジェクトに設定できた limits.containers と limits.virtual-machines という制限に加えて、新たな制限が設定できるようになりました。
limits.instances を使って、プロジェクト内でタイプに関係なくインスタンス数を全体的に制限できます。
これに従って、次のように設定できます:
- limits.instances: 5
- limits.containers: 5
- limits.virtual-machines: 2
これにより、設定したプロジェクトでは 5 インスタンスまで持つことができます。そのすべてをコンテナにできますが、仮想マシンにできるのは 2 つだけとなります。
イメージとバックアップの zstd 圧縮 ¶
イメージとバックアップで zstd が使えるようになりました。
これは images.compression_algorithmとbackups.compression_algorithmで設定するか、lxc publish や lxc export で直接 --compression を使って指定できます。
すべての変更点(翻訳なし)¶
このリリースでの完全な変更点のリストは次のとおりです:
- lxd/api/project: Reject quotes in project names
- lxd/instance/drivers/driver/lxc: Updates initLXC to use project and instance name in callhook hook commands
- lxd/instance/drivers/driver/lxc: Updates startCommon to quote hook command arguments
- lxd/main/callhook: Updates cmdCallhook to support using project name and instance name in arguments
- lxd/api/internal: Adds support for using instance name and project name in container hook routes
- lxd/storage: Apply rename template
- lxd/patches: Adds patchVMRenameUUIDKey patch to rename config key from volatile.vm.uuid to volatile.uuid
- shared/validate: Adds IsUUID function
- shared/instance: Adds volatile.uuid key to instance validation
- shared/instance: Removes vm.uuid from instance validation in ConfigKeyChecker
- doc/instances: Replaces volatile.vm.uuid with volatile.uuid
- lxd/instance/drivers/driver/qemu: Updates Start to use and populate volatile.uuid instead of volatile.vm.uuid
- lxd/instance/drivers/driver/lxc: Generate instance UUID if not set in startCommon
- lxd/instance/drivers/driver/qemu: Makes UUID generation terminology consistent with container
- lxc/list: Fix typo in help
- i18n: Update translation templates
- lxc/list: Add two new columns (memory % and CPU)
- i18n: Update translation templates
- doc: fix typos in instances.md
- lxd/storage/drivers/driver/zfs/volumes: Remove workarounds for snapshot volume mounting
- lxd/refcount: Adds ref counting package
- lxd/storage/drivers/volume: Adds ref counting functions
- lxd/storage/drivers/volume: Updates MountTask to use new MountVolume signature
- lxd/storage/pool/interface: Removes OurMount from MountInfo struct
- lxd/storage/pool/interface: Removes "our mount" bool return value from MountCustomVolume
- lxd/storage/drivers/interface: Removes "our mount" bool return value from MountVolume
- lxd/storage/drivers/errors: Adds ErrInUse error
- lxd/storage/drivers/drivers/mock: Updates MountVolume signature
- lxd/storage/drivers/utils: Error quoting in shrinkFileSystem
- lxd/storage/drivers/driver/btrfs/volumes: Updates MountVolume signature
- lxd/storage/drivers/driver/ceph/volumes: Adds ref counting to MountVolume and UnmountVolume
- lxd/storage/drivers/driver/cephfs/volumes: Updates MountVolume signature
- lxd/storage/drivers/driver/dir/volumes: Updates MountVolume signature
- lxd/storage/drivers/driver/lvm/volumes: Adds ref counting to MountVolume and UnmountVolume
- lxd/storage/drivers/driver/zfs/volumes: Adds ref counting to MountVolume and UnmountVolume
- lxd/storage/drivers/generic/vfs: Updates genericVFSBackupUnpack to use new MountVolume signature
- lxd/storage/utils: Adds InstanceMount and InstanceUnmount and updates InstanceDiskBlockSize to use them
- lxd/storage/backend/mock: Removes OurMount
- lxd/storage/backend/mock: Removes "our mount" bool return value from MountCustomVolume
- lxd/storage/backend/lxd: Updates mount functions to remove OurMount and use new MountVolume signature
- lxd/storage/backend/lxd/patches: b.driver.MountVolume usage
- lxd/instance/drivers/driver: Unexports common restart function
- lxd/instance/instance/interface: Removes deprecated StorageStart and StorageStop functions
- lxd/instance/drivers/driver/common: Import ordering
- lxd/instance/drivers/driver/lxc: Updates mount usage with ref counting in mind
- lxd/instance/drivers/driver/lxc: Removes deprecated StorageStart and StorageStop
- lxd/instance/drivers/driver/qemu: Updates mount usage with ref counting in mind
- lxd/instance/drivers/driver/qemu: Implements RegisterDevices
- lxd/instance/drivers/driver/qemu: Removes deprecated StorageStart and StorageStop
- lxd/patches: Updates instance mount usage
- lxd/instance/metadata: Removes use of c.StorageStart and c.StorageStop
- lxd/instance/test: Removes use of StorageStart
- lxd/instance: Updates instanceCreateAsSnapshot to use updated mount functions
- lxd/devices: Register devices on all instance types
- lxd/device/disk: Implements Register function
- lxd/device/disk: Updates mount function usage in mountPoolVolume
- lxd/instance/drivers/driver/qemu: mount fixes
- lxd/storage/backend/lxd: Adds revert to MountInstance
- lxd/storage/drivers/driver/ceph/volumes: Adds revert to MountVolume
- lxd/storage/drivers/driver/lvm/volumes: Adds revert to MountVolume
- lxd/storage/drivers/driver/zfs/volumes: Adds revert to CreateVolumeFromBackup
- lxd/storage/drivers/driver/zfs/volumes: Adds revert to MountVolume
- lxd/storage/drivers/driver/zfs/volumes: Simplifies MountVolumeSnapshot and adds revert for parent volume mount
- lxd/storage/drivers/generic/vfs: Adds revert to genericVFSBackupUnpack
- lxd/api/internal: Adds internalImportFromRecovery function for instance recovery import
- lxd/instances/post: Updates createFromBackup to use updated internalImport signature
- lxd/device/disk comments
- test/suites/backup: Updates lxd import tests to expect instance to be unmounted after import
- lxd/instance/drivers/driver/lxc: Moves instance mount before idmap related var loading
- lxd/instance/drivers/driver/lxc: Rotate log file same stage as VM for consistency
- lxd/instance/drivers/driver/qemu: Use instance.LoadByProjectAndName in getMonitorEventHandler
- test: Updates container_import tests to remove lxd import followed by kill and start test
- lxd/storage/backend/lxd: Detect unsupported live copy of VMs and fail with clear message
- lxd/instance/lxc: Add extra check for devpts_fd
- lxd/device/nic/ovn: Removes unused Add function
- lxd/device/nic/bridged: Clarifies when device's Add function is called
- lxd/migrate/instance: Improves comments when instantiating migration.VolumeTargetArgs
- lxd/storage/backend/lxd: Improves comments when instantiating migration.VolumeTargetArgs
- lxd/storage/backend/lxd: Reject custom volume config if supplied in CreateInstanceFromMigration
- lxd/storage/drivers/driver/zfs/volumes: Use srcVol.NewVMBlockFilesystemVolume in CreateVolumeFromCopy
- lxd/storage/drivers/driver/zfs/volumes: Apply filesystem quota in CreateVolumeFromMigration
- lxd/storage/drivers/driver/btrfs/volumes: Apply quota in CreateVolumeFromMigration
- lxd/storage/drivers/driver: Makes size update consistent with other drivers in UpdateVolume
- lxd/storage/drivers/driver/cephfs/volumes: Use vol.ConfigSize() rather than vol.ExpandedConfig("size") for consistency with other drivers
- lxd/storage/drivers/driver/cephfs/volumes: Makes CreateVolumeFromMigration volume quota setting consistent with other non-block-backed drivers
- lxd/ap/internal: Improved error messages from instanceCreateInternal
- lxd/instance: Improved error messages from instanceCreateInternal
- lxd/instances/post: Improved error messages from instanceCreateInternal
- lxd/migrate/instance: Improved error messages from instanceCreateInternal
- lxd/device/disk: Only validate external disk source paths when real instance is loaded
- lxd/instance/drivers/driver/lxc: Remove user facing reference to "common start logic" in error
- lxd/instance/drivers/driver: Just log device add failures when adding device in non-user requested context
- lxd/instance/drivers/driver/lxc: Pass existing isRunning to c.updateDevices to avoid extra call to IsRunning()
- shared: Allow volatile uuid config keys
- lxd/instance/drivers: Support vgpu in qemu template
- lxd/instance/drivers: Support vgpu in VMs
- lxd/device/nic/sriov: Don't fail when resetting VF MAC to 00:00:00:00:00:00
- lxd/device/config: Allow gputype property
- lxd/device: Support mdev GPUs
- doc: Document mdev config key
- api: Add gpu_mdev
- lxc/info: Show mdev profiles
- po: Update translation
- lxd/images: Replace fp with fingerprint in logs
- lxd/daemon/images: Add contextual logging and use "fingerprint" rather than "image" for consistency with other code areas
- lxd/profiles/utils: Remove container references, improve comments
- lxd/db/profiles: Updates GetInstancesWithProfile to return all instance types, not just containers
- shared/instance: Improves comments
- lxd/project/project: Adds ProfileProject and ProfileProjectFromRecord functions
- lxd/profiles: Use project.ProfileProject instead of tx.ProjectHasProfiles
- test/suites/projects: Fix bug in test that assumed project wasn't checked for existence
- lxd/profiles/utils: Updates doProfileUpdate and doProfileUpdateCluster to return project and instance name in error
- lxd/device/device/interface: Moves updatable fields from CanHotPlug() into UpdatableFields()
- lxd/device/errors: Adds ErrCannotUpdate error
- lxd/device/device/common: Updates common implementation of CanHotPlug() and UpdatableFields()
- lxd/device/disk: Adds UpdatableFields function based on instance type
- lxd/device/disk: Only apply running IO limits to containers in Update
- lxd/device/nic/bridged: Adds UpdatableFields function and removes custom CanHotPlug function
- lxd/device/nic/ipvlan: Updates CanHotPlug function
- lxd/device/nic/ovn: Removes custom CanHotPlug function
- lxd/device/nic/p2p: Removes custom CanHotPlug function and adds UpdatableFields function
- lxd/device/nic/routed: Splits CanHotPlug function into new CanHotPlug and UpdatableFields functions
- lxd/instance/drivers/driver/lxc: Updates device management functions to use new CanHotPlug and UpdatableFields functions
- lxd/instance/drivers/driver/qemu: Updates device management functions to use new CanHotPlug and UpdatableFields functions
- lxd/device/config/devices/sort: Improves comments in Less
- lxd/device/disk: Removes use of global logger and use device contextual logger
- lxd/device/disk: Rework volatile apply_quota key handling to support virtual machines
- lxd/refcount: Adds Get function
- lxd/storage/backend/lxd: Removes dependence on RunningQuotaResize in SetInstanceQuota
- lxd/storage/backend/lxd: Removes dependence on RunningQuotaResize in UpdateCustomVolume
- lxd/storage/errors: Removes ErrRunningQuotaResizeNotSupported
- lxd/storage/drivers/volume: Adds MountInUse function
- lxd/storage/drivers/utils: Adds vol.MountInUse usage to ensureVolumeBlockFile
- lxd/storage/drivers/utils: Adds filesystemTypeCanBeShrunk and updates shrinkFileSystem to use it
- lxd/storage/drivers/utils: Updates growFileSystem to use DefaultFilesystem
- lxd/storage/drivers/driver/types: Removes RunningQuotaResize
- lxd/storage/drivers: Renames drivers_mock.go to driver_mock.go to align with other driver naming
- lxd/storage/drivers/driver/mock: Removes RunningQuotaResize
- lxd/storage/drivers/driver/btrfs: Updates BTRFS to use ensureVolumeBlockFile's in-use detection
- lxd/storage/drivers/driver/dir: Updates to use ensureVolumeBlockFile's in-use detection
- lxd/storage/drivers/driver/ceph/utils: Adds resizeVolume function
- lxd/storage/drivers/driver/ceph: Removes RunningQuotaResize
- lxd/storage/drivers/driver/ceph/volumes: Reworks SetVolumeQuota to be more aligned with LVM driver structure
- lxd/storage/drivers/driver/cephfs: Removes RunningQuotaResize
- lxd/storage/drivers/driver/lvm: Removes RunningQuotaResize
- lxd/storage/drivers/driver/lvm/volumes: Updates SetVolumeQuota to use Volume's in-use detection
- lxd/storage/drivers/driver/zfs: Removes RunningQuotaResize
- lxd/storage/drivers/driver/zfs/volumes: Updates SetVolumeQuota to use Volume's in-use detection
- lxd/storage/utils: Updates validatePoolCommonRules to differentiate VM volumes and filesystem volumes
- lxd/instance: Error quoting and logging improvements in instanceCreateInternal
- lxd/instance/drivers/driver/lxc: Adds revert to lxcCreate
- lxd/instance/drivers/driver/qemu: Adds revert to qemuCreate
- lxd/storage/backend/lxd: Set the correct volume content type for custom volumes
- lxc/info: Extend mdev details
- i18n: Update translation templates
- lxd/device/disk: Ignore ErrNotRunning for virtfs-proxy-helper
- lxd/patches/utils: Adds legacy volumeFillDefault function for patches
- lxd/patches: Updates patches to switch from driver.VolumeFillDefault to volumeFillDefault
- lxd/storage/drivers/interface: Adds FillVolumeConfig
- lxd/storage/drivers/driver/common: Adds FillVolumeConfig no-op for common drivers
- lxd/storage/drivers/driver/{ceph,lvm}: Adds FillVolumeConfig function to populate default filesystem settings
- lxd/storage/utils: Updates VolumeDBCreate to accept a Pool and call driver.FillVolumeConfig
- lxd/storage/backend/lxd: VolumeDBCreate usage
- lxd/storage/utils: Removes VolumeFillDefault and VolumeValidateConfig
- lxd/storage/pool/interface: Adds FillInstanceConfig
- lxd/storage/backend/lxd: Implements FillInstanceConfig
- lxd/storage/backend/mock: Adds FillInstanceConfig
- lxd/instance/drivers/driver/lxc: Updates lxcCreate to use storagePool.FillInstanceConfig
- lxd/instance/drivers/driver/qemu: Updates qemuCreate to use storagePool.FillInstanceConfig
- lxd/instance/drivers: Better errors in instance create functions
- lxd/storage/backend/mock: Return storage pool ID 1 rather than -1 to allow tests to run
- lxd/network/openvswitch/ovs: Adds InterfaceAssociatedOVNSwitchPort function
- lxd/network/driver/ovn: Updates Instance port functions to use instance UUID rather than instance ID
- lxd/network/driver/ovn: Updates InstanceDevicePortDelete to accept an instance UUID and a ovsExternalOVNPort hint
- lxd/device/nic/ovn: Update ovnNet interface to use instance UUIDs.
- lxd/device/nic/ovn: Use volatile.uuid instance UUID rather than instance ID for OVN switch port name
- lxd/device/nic/ovn: No need for intermediate v variable
- lxd/device/nic/ovn: Updates Stop to pass instance UUID and an OVS external OVN switch port hint to InstanceDevicePortDelete
- lxd/instance/qemu: Always render disk
- Support zstd compression.
- api: add resources_pci_iommu extension
- lxd-agent: Don't rely on systemd for rebooting
- lxd/instance: Move id field to common
- lxd/instance/common: Use 'd' as main variable
- lxd/instance/qemu: Rename d to dev
- lxd/instance/qemu: Replace vm with d
- lxd/instance/lxc: Rename d to dev
- lxd/instance/lxc: Replace c with d
- lxd/instance: Move most properties to common
- lxd/instance: Move common functions to drive_common
- shared/instance: golint fixes
- shared/instance: Adds ConfigVolatilePrefix constant
- shared/instance: ConfigVolatilePrefix usage
- shared/instance: Adds InstanceIncludeWhenCopying function
- lxd/copy: shared.InstanceIncludeWhenCopying usage in copyInstance
- lxc: shared.ConfigVolatilePrefix usage
- lxd: shared.ConfigVolatilePrefix usage
- lxd/instances/post: shared.InstanceIncludeWhenCopying usage in createFromCopy
- lxd/storage: Add volatile idmap setting debug log to resetContainerDiskIdmap
- lxd/device/disk: Include network-config in cidata
- lxd/resources: Add GetNetworkState and GetNetworkCounters
- shared/api: Add IOMMUGroup field to ResourcesPCIDevice
- Add IOMMU group value to PCI devices
- lxd/storage/pools/utils: Updates comment and error for storagePoolCreateLocal
- lxd/storage/pools: Error quoting
- lxd/db/cluster: Adds state column to networks_nodes table and set existing rows to state=1 (created)
- lxd/db/networks: Populate node state column in NetworkNodeJoin
- lxd/db/networks: Populate node state column in CreatePendingNetwork
- lxd/db/networks: Adds networkNodeState and NetworkNodeCreated functiond
- lxd/db/networks: Comments
- lxd/db/networks: Populate node state column in CreateNetwork
- lxd/network/driver: Remove check that prevents starting network in pending state
- lxd/networks: Whitespace
- lxd/network/network/interface: Updates init to take api.Network and network nodes map
- lxd/network/network/interface: Adds LocalStatus
- lxd/network/network/load: Updates LoadByName to pass network nodes from s.Cluster.GetNetworkInAnyState to init()
- lxd/db/networks: Adds NetworkState type and uses it in place of int
- lxd/db/networks: Renames networkFillStatus to NetworkStateToAPIStatus
- lxd/db/networks: Adds NetworkNode type
- lxd/db/networks: Exports NetworkNodes and updates to return map of NetworkNodes
- lxd/db/networks: Updates GetNonPendingNetworks usage of NetworkNodes()
- lxd/db/networks: Modifies getNetwork and GetNetworkInAnyState to return map of NetworkNodes for network
- lxd/db/networks: Exports NetworkNodes
- lxd/db/networks: c.GetNetworkInAnyState usage
- lxd/db/networks: Updates comments to reference state constants
- lxd/patches: d.cluster.GetNetworkInAnyState usage
- lxd/api/cluster: d.cluster.GetNetworkInAnyState usage
- lxd/api/project: s.Cluster.GetNetworkInAnyState usage
- lxd/device/nic: d.state.Cluster.GetNetworkInAnyState usage
- lxd/network/driver/ovn: n.state.Cluster.GetNetworkInAnyState usage
- lxd/network/driver/common: Adds LocalStatus function and store node info inside network via init()
- lxd/network/driver/bridge: Only perform local date if local status is api.NetworkStatusCreated
- lxd/network/driver/ovn: Only perform local date if local status is api.NetworkStatusCreated
- lxd/network/driver/physical: Only perform local date if local status is api.NetworkStatusCreated
- lxd/networks: Updates doNetworksCreate to skip creation if node is already marked created
- lxd/networks: d.cluster.GetNetworkInAnyState usage
- lxd/networks: Don't skip network clean up if network is pending in networkDelete()
- lxd/networks: d.cluster.GetNetworkInAnyState usage
- lxd/networks: Updates networksPostCluster to only mark global network states as created once all nodes created
- lxd/db/migration/test: cluster.GetNetworkInAnyState usage
- lxd/network/network/interface: Adds IsManaged function
- lxd/network/driver/common: Adds IsManaged function and associated internal variable
- lxd/networks: Prevent rename of pending networks
- lxd/networks: Reduce duplicate query loading network in networkPut and doNetworkUpdate
- lxd/networks: Prevent update of global network config when network is pending in networkPut
- lxd/network/driver/bridge: Adds some basic revert to setup()
- lxd/network/driver/bridge: Only initialise revert if config has changed
- lxd/network/driver: Only apply local DB change in Update() when local node is in pending state
- lxd/network/driver/bridge: Fix incorrect return value
- test/suites/clustering: Add network node state tests for bridge networking
- lxd/instance: Use revert package in instanceCreateFromImage
- lxd/storage/backend/lxd: Remove revert from CreateInstanceFromImage
- lxd/storage/drivers/driver/common: Enable unsafe resize mode in runFiller when unpacking into image volumes
- lxd/storage/drivers/driver/ceph/volume: Allow image resize when in unsafe mode in SetVolumeQuota
- lxd/storage/drivers/driver/zfs/volume: Allow image resize when in unsafe mode in SetVolumeQuota
- lxd/storage/backend/lxd: Log new volume size in CreateInstanceFromImage
- lxd/instance/qemu: Follow symlink to lxd-agent
- lxd/instance/qemu: Fix GPU passthrough
- lxd/instance/operations: Allow Wait/Done on nil struct
- lxd/instance/lxc: Improve use of operations
- lxd/instance/lxc: Improve locking on file ops
- lxd/instance/operations: Introduce CreateWaitGet
- lxd/instance: Introduce restart tracking
- Makefile: Fix golint URL
- lxd/network/driver/bridge: Improve IP parsing errors
- lxd/network/driver/bridge: Don't fill default config on update
- lxd/network/driver/ovn: Improve IP parsing errors
- lxd/network/driver/ovn: Don't fill default config on update
- lxd/network/driver/bridge: Regenerate auto values on update
- lxd/network/driver/ovn: Regenerate auto values on update
- test/suites/network: Adds test for unsetting ipv4.address and ipv6.address
- test/suites/network: Adds test for regeneration of auto values
- doc/networks: Clarify bridge default auto values
- doc/networks: Clarifies default values for ovn ranges settings
- doc/networks: Clarify ovn default auto values
- lxd/device/disk: Only validate disk source pool when an actual instance is set
- test/suites/migration: Adds tests for copying instance with snapshots containing invalid disk devices
- lxc-to-lxd: Fix handling on snap
- lxd/instance: Bypass delete protection for internal calls
- lxd/instance/qemu: Improve state handling
- lxd/instance/operationlock: Allow Reset
- lxd/instance/qemu: Stretch start/stop timeout
- lxd/instance/qemu: Increase virtiofsd timeout to 10s
- lxd/instance/qemu: Move more logic into qemuArchConfig
- lxd/instance: Add Info function
- lxd/instance: Add SupportedInstanceDrivers
- lxd/instance: Add driver cache
- lxd/api: Show all instance drivers
- lxd/qemu: Don't stop processing events on shutdown
- lxd/rbac: Improve access to user information
- lxd/daemon: Improve request context
- lxd/rbac: Move userIsAdmin and userHasPermission
- lxd: Move to new RBAC helpers
- lxd/storage/volumes: Replace hardcoded "filesystem" with db.StoragePoolVolumeContentTypeNameFS in storagePoolVolumesTypePost
- lxd/storage/volumes: Error quoting in storagePoolVolumesTypePost
- lxd/storage/volumes: Fixes misleading comment in storagePoolVolumesPost
- lxd/storage/volumes: Set default volume content type to filesystem in storagePoolVolumesPost
- lxd/storage/volumes: Error quoting in storagePoolVolumesPost
- lxd/storage/utils: Align error returned from VolumeContentTypeNameToContentType with similar functions
- lxd/storage/volumes: Removes stuttering in errors in storagePoolVolumesTypePost
- lxd/networks: Use SmartError for response when loading networks
- lxd/project: Add new FilterUsedBy helper
- lxd: Filter all UsedBy based on RBAC
- lxd/images: Fix incorrect RBAC on push
- lxc/file: Fix typo in fileGetWrapper
- i18n: Update translation templates
- lxc/restore: Fix typo in help
- i18n: Update translation templates
- lxd/networks: Fix bad logging level
- lxd/daemon: Fix bad permission check
- lxd/storage/drivers/generic: Fix VM rename with ZFS
- lxd/instance: Remove duplicate event
- lxd/instance/common: Implement lifecycle wrapper
- lxd/instance/lxc: Port to new wrapper
- lxd/instance/lxc: Lock restore operations
- lxd/instance/qemu: Port to new wrapper
- lxd/instance/qemu: Lock restore operations
- lxd/backup: Add lifecycle events
- lxd/network: Add lifecycle function
- lxd/network: Implement create wrapper
- lxd/network: Add lifecycle events
- lxd/cluster/request/clienttype: Moves client type constants and helper into own package
- lxd/cluster/connect: Removes client type constants and helper
- lxd: Updates use of ClientType now moved to cluster/request package
- lxd/networks: Ensure etag generation uses its own copy of config in networkPut
- lxd/network/driver: Takes NetworkStatus safety patch from stable-4.0 and applies to master
- lxd/networks: Comment in networksPostCluster
- lxd/networks: Corrects log level in networksPostCluster
- lxd/networks: golint fix
- lxd/db/networks: Removes unused NetworkErrored function
- lxd/db/networks: Updates network state comments to indicate node usage
- lxd/instance: Adds per-struct contextual logger.
- lxd/instance/drivers: Fixes instanceType in instance logger
- lxd/db/cluster: Adds state column to storage_pools_nodes table and set existing rows to state=1 (created)
- lxd/db/storage/pools: Updates storage pool state comments to indicate node usage
- lxd/db/storage/pools: Replace use of networkCreated with storagePoolCreated in getStoragePool
- lxd/db/storage/pools: Set storage pool node state to created in UpdateStoragePoolAfterNodeJoin
- lxd/db/storage/pools: Set storage pool node state to pending in CreatePendingStoragePool
- lxd/db/storage/pools: Adds StoragePoolNodeCreated and storagePoolNodeState functions
- lxd/db/storage/pools: Set storage pool node state to pending in CreateStoragePool
- lxd/storage/pools/utils: Consistent comment endings
- lxd/storage/pools/utils: Fix comment in storagePoolCreateLocal
- lxd/storage/pools: Add logging for storage pool state updates in storagePoolsPostCluster
- lxd/storage/pools/utils: Updates storagePoolCreateLocal to mark local node state as created
- lxd/db/storage/pools: Removes unused function StoragePoolErrored
- lxd/db/storage/pools: Updates comment on StoragePoolCreated
- lxd/storage/pools: Fix copy paste error in comment
- lxd/storage/load: Updates GetPoolByName to use state.Cluster.GetStoragePoolInAnyState
- lxc/storage: Adds --target flag support to cmdStorageSet
- lxd/storage/pools: Adds doStoragePoolUpdate function
- lxd/db/storage/pools: Adds StoragePoolState type and updates state constants to be of that type
- lxd/db/storage/pools: Adds StoragePoolNode type
- lxd/db/storage/pools: StoragePoolState usage
- lxd/db/storage/pools: Adds storagePoolNodes function
- lxd/db/storage/pools: Updates storage pool load functions to return nodes
- lxd/db/storage/pools: Updates storagePoolNodes to return map of StoragePoolNode
- lxd/db/storage/pools: c.GetStoragePoolInAnyState usage
- shared/api/storage/pool: Adds storage pool status constants
- lxd/db/storage/pools: Adds StoragePoolStateToAPIStatus and updates getStoragePool to use it
- lxd/patches: d.cluster.GetStoragePoolInAnyState usage
- lxd/api/cluster: d.cluster.GetStoragePoolInAnyState usage
- lxd/backup/backup/config: c.GetStoragePool usage
- lxd/daemon/storage: s.Cluster.GetStoragePool usage
- lxd/device/disk: d.state.Cluster.GetStoragePool usage
- lxd/instance/post: d.cluster.GetStoragePool usage
- lxd/instances/post: d.cluster.GetStoragePoolInAnyState usage
- lxd/storage/pools: d.cluster.GetStoragePoolInAnyState usage
- lxd/storage/volumes: GetStoragePoolInAnyState usage
- lxd/storage/volumes/backup: d.cluster.GetStoragePool usage
- lxd/storage/volumes/snapshot: d.cluster.GetStoragePool usage
- lxd/storage/pool/interface: Adds Description, Status and LocalStatus functions to definition
- lxd/storage/backend/mock: Adds Description, Status and LocalStatus functions
- lxd/storage/backend/lxd: Adds Description, Status, LocalStatus functions and adds nodes property
- lxd/storage/load: state.Cluster.GetStoragePoolInAnyState usage and populates pool nodes in GetPoolByName
- lxd/storage/pool/interface: Adds IsUsed and Create functions
- lxd/storage/backend/lxd: Exports Create and adds IsUsed
- lxd/storage/backend/mock: Adds IsUsed and Create
- lxd/storage/load: Deprecates CreatePool
- lxd/storage/load: Updates CreatePool to initialise empty node list
- lxd/storage/pools/utils: Updates storagePoolCreateLocal to use GetPoolByName
- lxd/storage/pools: Reworks storagePoolDelete to only delete locally if node has created state
- lxd/db/migration/test: cluster.GetStoragePool usage
- lxd/storage/pools: Reworks storagePoolPut and calls storagePoolPut from storagePoolPatch
- lxd/storage/pools: Removes unused storagePoolValidateClusterConfig, storagePoolClusterConfigForEtag, storagePoolClusterFillWithNodeConfig functions
- lxd/storage/pools/utils: Removes unused storagePoolUpdate
- lxd/storage/backend/lxd: Reworks Update to only apply changes to local node if not pending
- lxd/api/cluster: Updates client type usage to new package
- lxd/storage/load: Updates deprecated CreatePool to use client type
- lxd/patches: storagePools.CreatePool usage
- lxd/storage/pool/interface: Replaces localOnly and driverOnly indicators with clientType
- lxd/storage/backend/lxd: Replace localOnly and driverOnly with clientType
- lxd/storage/backend/mock: Replace localOnly and driverOnly with clientType
- lxd/storage/drivers/driver/ceph: Simplify Delete logic
- lxd/storage/pools: Switch to clientType
- lxd/storage/pools/utils: Switch to clientType
- lxd/api/cluster: Removal special casing for ceph/cephfs
- lxd/storage/backend/lxd: Adds protection against using a pending pool
- lxd/storage: Adds target support to cmdStorageGet
- lxd/storage/pools: Updates storagePoolsPostCluster to only forward non-node specific config
- test/suites/clustering: Add pool node state tests
- lxd/apparmor/qemu: Allow some more files
- lxd/storage/drivers/drivers/zfs/volumes: Fixes 10s delay when using VMs with ZFS in snap
- shared: Add IsUserConfig() utility function
- lxd/config: Allow user keys in server config
- lxd/storage/backend/lxd: Comment typo fix
- lxd/storage/drivers/driver/btrfs/volumes: Enable allowUnsafeResize in CreateVolume when creating initial image volume
- lxd/storage/drivers/utils: Updates ensureVolumeBlockFile to return unsupported when trying to resize image volume without allowUnsafeResize enabled
- lxd/storage/utils: Ensure pool's volume.size is checked when unpacking images to pools that use file based images
- lxd/instance/qemu: Deref OVMF path
- lxc: Clarify --compression option
- doc/image-handling: Update compression details
- i18n: Update translation templates
- lxd/rbac: Fix checks by matching proper name
- api: Add resources_network_usb and resources_disk_address
- shared/api: Add PCIAddress/USBAddress on network and storage
- lxd/resources: Add PCIAddress/USBAddress for networks and disks
- lxd/storage/drivers/utils: Modifies roundVolumeBlockFileSizeBytes to round up
- lxd/storage/drivers/utils: roundVolumeBlockFileSizeBytes usage
- lxd/storage/drivers/driver/zfs/utils: Use roundVolumeBlockFileSizeBytes in createVolume
- lxd/storage/drivers/driver/zfs/volumes: Use roundVolumeBlockFileSizeBytes in CreateVolume
- lxd/storage/drivers/driver/zfs/volumes: Use roundVolumeBlockFileSizeBytes in SetVolumeQuota
- lxd/storage/backend/lxd: Use revert in CreateInstanceFromCopy
- lxd/storage/backend/lxd: Don't fail in DeleteInstance if DB record already removed
- lxd/instance: Use revert in instanceCreateAsCopy
- lxd/storage/drivers/driver/ceph/volumes: Whitespace
- lxd/storage/drivers/driver/ceph/volumes: Adds a hasVolume function that accepts an RBD volume name
- lxd/storage/drivers/driver/ceph/volumes: Fixes issue in DeleteVolume that prevented image volume deletion if no readonly snapshot existed
- lxd/storage/backend/lxd: Return error in EnsureImage when cannot delete orphaned volume
- lxd/network/driver/ovn: Improve error message
- lxd/network/driver/physical: Adds ovn.ingress_mode config key
- lxd/network/driver/ovn: Updates uplinkRoutes to accept an *api.Network argument
- lxd/network/driver/ovn: n.uplinkRoutes usage
- lxd/network/driver/ovn: Moves subnet size validation into InstanceDevicePortValidateExternalRoutes
- lxd/network/driver/ovn: Updates InstanceDevicePortAdd to only publish external IPs using DNAT when uplink l2proxy mode enabled
- lxd/device/nic/ovn: Removes external subnet validation
- doc/networks: Adds ovn.ingress_mode to physical networks
- api: Adds network_physical_ovn_ingress_mode extensions
- lxd/network/network/utils: Don't reference ourselves in UsedBy
- lxd/network/driver/ovn: Only delete DNAT rules in InstanceDevicePortDelete if ingress mode is l2proxy
- lxd/network/openvswitch/ovn: Exports LogicalSwitchDHCPOptionsDelete and adds optional UUID filter for deletion
- lxc/network/driver/ovn: Adds ipv4.dhcp and ipv6.dhcp boolean settings
- lxc/network/driver/ovn: Modifies setup to only activate DHCP/RA if its enabled on network
- lxd/network/driver/ovn: Updates InstanceDevicePortAdd to respect DHCP options on network
- lxd/network/driver/ovn: Updates DHCPv4Subnet and DHCPv6Subnet to use IP helper functions
- api: Adds network_ovn_dhcp extension
- doc/networks: Adds ipv4.dhcp and ipv6.dhcp docs for OVN networks
- doc/networks: Mention DNSSEC setting
- doc/networks: Adds ipv4.routes.anycast and ipv6.routes.anycast to physical networks
- lxd/network/driver/physical: Adds ipv4.routes.anycast and ipv6.routes.anycast options
- lxd/network/driver/ovn: Adds uplinkHasIngressRoutedAnycastIPv4 and uplinkHasIngressRoutedAnycastIPv6 functions
- lxc/network/driver/ovn: Skip overlap detection of networks external subnets when uplink is in anycast routed ingress mode
- lxd/network/driver/ovn: Skip NIC external route overlap detection when uplink is in anycast routed ingress mode
- api: Adds network_physical_routes_anycast extension
- tests: Add test for import after deleted snapshot
- lxd/instances: Update backup file when deleting a snapshot
- lxd/instance/lxc: Fix backup.yaml delete logic to trigger properly
- lxd/instance/qemu: Also update backup.yaml on snapshot delete
- lxd/instance/qemu: Update backup.yaml on startup
- lxd/db/storage/pools: Comment wrapping
- lxd/storage/backend/lxd: Prevent modification of source field on non-pending nodes
- lxd/storage/drivers/driver/lvm: Comment typo
- lxd/network/driver/ovn: Only add default route and SNAT rules to router after adding external router port
- i18n: Update translations from weblate
- doc/networks: Add missing escaping
- lxd/apparmor/qemu: Allow ceph snap paths
- doc: Adds limits.instances key description.
- lxd/project: Adds 'limits.instances' configuration key
- api: Add projects_limits_instances extension
- doc/api-extensions: Fix escaping
試用環境 ¶
この新しい LXD リリースは私たちの デモサービス で利用できます。
ダウンロード ¶
このリリースの tarball は ダウンロードページ から取得できます。
ビルド済みバイナリーは次のように使えます:
- Linux: snap install lxd
- MacOS: brew install lxc
- Windows: choco install lxc
LXD 4.8 リリースのお知らせ¶
12th of November 2020
はじめに ¶
LXD チームは LXD 4.8 のリリースをお知らせできることにとてもワクワクしています!
このリリースでは vTPM と VirtioFS のサポートが追加されました。そして cgroup2 サポートの作業が終了し、いくつか有用な機能の追加と改良を行いました。
また、ネットワークとストレージのトラッキングとライフサイクルが大幅に改良され、競合状態のクラス全体と通常のバグ修正の山が完全に排除されました。
Enjoy!
新機能とハイライト ¶
vTPM のサポート ¶
新しい tpm デバイスタイプが追加されました。コンテナと仮想マシンの両方でサポートされます。これは永続的な swtpm インスタンスを使い、通常は /dev/tpmX デバイスをインスタンス内で公開します。
stgraber@castiana:~$ lxc config device add tpm1 tpm tpm path=/dev/tpm0 Device tpm added to tpm1 stgraber@castiana:~$ lxc config device add tpm2 tpm tpm path=/dev/tpm0 Device tpm added to tpm2 stgraber@castiana:~$ lxc start tpm1 tpm2 stgraber@castiana:~$ lxc list tpm +------+---------+------------------------+-------------------------------------------------+-----------------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +------+---------+------------------------+-------------------------------------------------+-----------------+-----------+ | tpm1 | RUNNING | 10.166.11.45 (eth0) | fd42:4c81:5770:1eaf:216:3eff:fe95:4a5 (eth0) | CONTAINER | 0 | +------+---------+------------------------+-------------------------------------------------+-----------------+-----------+ | tpm2 | RUNNING | 10.166.11.120 (enp5s0) | fd42:4c81:5770:1eaf:216:3eff:fe71:4323 (enp5s0) | VIRTUAL-MACHINE | 0 | +------+---------+------------------------+-------------------------------------------------+-----------------+-----------+ stgraber@castiana:~$ lxc exec tpm1 -- tpm2_gettestresult status: success stgraber@castiana:~$ lxc exec tpm2 -- tpm2_gettestresult status: success
仮想マシンに対する VirtioFS ¶
これまで、LXD はエージェントが構成するデバイスと disk デバイスを使って仮想マシンに対して公開される追加パスの両方のトランスポートとして 9p を使ってきました。
信頼性が高く、一般的に十分サポートされていますが、9p は高速ではありません。
virtiofs がこのための高速なオプションです。LXD エージェントがインスタンス内部で使用できる方を使用し、LXD は 9p と virtiofs の両方を通してアタッチしたデバイスを公開しています。
stgraber@castiana:~$ lxc init images:ubuntu/20.04/cloud vm1 --vm Creating vm1 stgraber@castiana:~$ lxc config device add vm1 home disk source=/home/stgraber path=/mnt/virtiofs Device home added to vm1 stgraber@castiana:~$ lxc start vm1 stgraber@castiana:~$ lxc exec vm1 bash root@vm1:~# mkdir /mnt/9p root@vm1:~# mount -t 9p lxd_home /mnt/9p/ root@vm1:~# dd if=/dev/zero of=/mnt/9p/test.img bs=4M count=100 conv=fdatasync 100+0 records in 100+0 records out 419430400 bytes (419 MB, 400 MiB) copied, 5.19642 s, 80.7 MB/s root@vm1:~# dd if=/dev/zero of=/mnt/virtiofs/test.img bs=4M count=100 conv=fdatasync 100+0 records in 100+0 records out 419430400 bytes (419 MB, 400 MiB) copied, 0.831076 s, 505 MB/s root@vm1:~#
cgroup2 のフルサポート ¶
LXD はかなり長い間、ハイブリッドとフル cgroup2 システム上で機能してきました。しかし、その環境で実行された場合、必ずしもすべての制限が適用されていたわけではありませんでした。実際、ほとんどのコントローラーが起動時に制限された状態、またはサポートされないとして報告されていました。
次のものをのぞいて、LXD でサポートされるすべての制限に cgroup2 サポートを追加することで、これを大幅に改善しました。
- スワップの優先度指定とスワップの無効化(swappinessコントロールが必要)
- ネットワークの優先度(net_prioコントローラーが必要)
これら2つは現在、最新の Linux カーネルで相当する機能が cgroup2 にないためです。同等のソリューションが実装された際には、必ずその機能を使います。
デイリーのテストに cgroup1, スワップのアカウンティング付きのcgroup1、cgroup2 のテストを追加し、すべての制限が期待通り動作していることを https://jenkins.linuxcontainers.org/job/lxd-test-cgroup/ で確認しました。
zfs.clone_copy の rebase モード ¶
ZFS ストレージプールに追加された新しいオプションは、ソースのインスタンスが作成された元のイメージを追跡し、新しいインスタンスのオリジンとしてそれを使うように LXD に指示します。
これは、ソースインスタンスがイメージとともに持っているディスク上の差分を効率的に複製するので、そのコピーの結果としてディスク使用量が増えることを意味します。しかし、新しいインスタンスがソースと結びつくことも防ぎます。これにより、LXD が削除されたコピーのために削除されたデータセットを保持する必要がなくなり、ソースインスタンスを削除し、そのディスク領域を再利用できるようになります。
stgraber@castiana:~$ lxc launch images:ubuntu/20.04/cloud u1 Creating u1 Starting u1 stgraber@castiana:~$ sudo zfs list -t all -o name,origin castiana/lxd/containers/u1 NAME ORIGIN castiana/lxd/containers/u1 castiana/lxd/images/0d8a2b851ecb4a2dfc6313cb8bae203f15c5ca51c3c80bc65b573224e7f59f59@readonly stgraber@castiana:~$ lxc copy u1 u2 stgraber@castiana:~$ sudo zfs list -t all -o name,origin castiana/lxd/containers/u2 NAME ORIGIN castiana/lxd/containers/u2 castiana/lxd/containers/u1@copy-e51ca348-32b5-4101-ac05-c656bf7c2a1e stgraber@castiana:~$ lxc storage set default zfs.clone_copy false stgraber@castiana:~$ lxc copy u1 u3 stgraber@castiana:~$ sudo zfs list -t all -o name,origin castiana/lxd/containers/u3 NAME ORIGIN castiana/lxd/containers/u3 - stgraber@castiana:~$ lxc storage set default zfs.clone_copy rebase stgraber@castiana:~$ lxc copy u1 u4 stgraber@castiana:~$ sudo zfs list -t all -o name,origin castiana/lxd/containers/u4 NAME ORIGIN castiana/lxd/containers/u4 castiana/lxd/images/0d8a2b851ecb4a2dfc6313cb8bae203f15c5ca51c3c80bc65b573224e7f59f59@readonly
この例では:
- u1 はイメージからコピーして作られた通常のコンテナです
- u2 はソースのスナップショットから作られた通常のコピーです
- u3 はスタンドアロンコピーで、u1 のデータ全体とイメージを複製します
- u4 はリベースコピーで、u1 の差分とイメージを複製します
lxc snapshot と lxc storage volume snapshot コマンドの --reuse オプション¶
lxc snapshot と lxc storage volume snapshot コマンドで、同じ名前で新しいスナップショットを作成する前に既存のスナップショットを削除できるようになりました。
stgraber@castiana:~$ lxc snapshot u1 foo stgraber@castiana:~$ lxc snapshot u1 foo Error: Add snapshot info to the database: This instance_snapshot already exists stgraber@castiana:~$ lxc snapshot u1 foo --reuse stgraber@castiana:~$
restarted ライフサイクルイベント ¶
LXD は重要な状態の変更を容易に追跡できるように lifecycle イベントをログに記録します。
これまで、インスタンスが再起動されたり内部から再起動されると、ログには stopped イベントとそれに続く started イベントが記録されていました。
これが、何が起こったかを正確に記述する単一の restarted イベントに置き換えられました。
stgraber@castiana:~$ lxc monitor --type=lifecycle location: none metadata: action: virtual-machine-restarted source: /1.0/virtual-machines/u2 timestamp: "2020-11-12T17:47:50.559795164-05:00" type: lifecycle
ユーザからのリクエストのロギングの改良 ¶
LXD はすべての API 呼び出しの要求元をログメッセージと内部コンテキストデータに記録しています。しかし、これには少し制限がありました。どのプロトコル(unix, candid, tls)が使われたのかをログに記録しない、unix ソケット経由のリクエストの場合はユーザー名をログに記録できると言ったようなことのためです。
この問題は修正され、基本的な要求は次のように記録を行うようになりました:
DBUG[11-12|18:26:10] Handling method=GET url=/1.0 ip=@ protocol=unix username=stgraberDBUG[11-12|23:26:59] Handling method=GET url=/1.0 ip=[2001:470:b0f8:1000:223:a4ff:fe01:16f]:48334 protocol=candid username=stgraber@stgraber.netDBUG[11-12|18:28:23] Handling method=GET url=/1.0 ip=127.0.0.1:47508 protocol=tls username=390fdd27ed5dc2408edc11fe602eafceb6c025ddbad9341dfdcb1056a8dd98b1
すべての変更点(翻訳なし) ¶
このリリースでの完全な変更点のリストは次のとおりです:
- lxd/device/usb: Fix check for required USB device
- seccomp: switch back to pread()
- nsexec: simplify userns attach
- forksyscall: preserve root and cwd fds for shifted mount emulation
- lxc/init.go: remove for-loop in create()
- lxd/device/nic/ovn: Improved error messages
- lxd/network/driver/ovn: Generates static EUI64 IPv6 address for instance switch ports in instanceDevicePortAdd
- lxd/network/openvswitch/ovn: Adds LogicalSwitchPortGetDNS to return switch port DNS info
- lxd/network/openvswitch/ovn: Updates LogicalSwitchPortDeleteDNS to only accept DNS UUID rather than port name
- lxd/network/openvswitch/ovn: Updates LogicalSwitchPortSetDNS to return the DNS UUID record ID
- lxc/network/driver/ovn: Adds validateExternalSubnet function
- lxd/network/driver/ovn: Updates Validate to ensure ipv4.address and ipv6.address are allowed external subnets
- lxd/network/driver/ovn: Adds support for publishing instance port IPs to uplink network
- revert/revert.go: remove a for-loop from Clone()
- doc/networks: Adds ipv4.nat and ipv6.nat to ovn network
- lxc/copy.go: Remove unneeded for-loop in c.Run()
- lxd/db/networks: Fix NULL description
- lxd/network/driver/ovn: Allows "none" as value for ipv4.address and ipv6.address
- lxd/network/driver/ovn: Re-run validation of auto generated address used in FillConfig
- lxd/network/driver/ovn: Modify setup() to support optional IP addresses
- lxd/network/driver/ovn: Updates instanceDevicePortAdd to support optional IP addresses
- lxd/network/driver/ovn: Only call Validate in FillConfig if state is set
- lxd/db/projects: Adds GetProject function
- lxd/network/driver/ovn: Converts instance port functions to exported
- lxd/network/driver/ovn: Removes ipv4.routes.external and ipv6.routes.external
- lxc/network/driver/ovn: Adds projectRestrictedSubnets and uplinkRoutes functions
- lxd/network/driver/ovn: Simplifies Validate by using separate data loader functions
- lxd/network/driver/ovn: Passes project into allowedUplinkNetworks
- lxd/network/driver/ovn: Passes project into validateUplinkNetwork
- lxd/network/driver/ovn: Load project in setup() to pass to n.validateUplinkNetwork()
- lxd/network/driver/ovn: Adds InstanceDevicePortValidateExternalRoutes function
- lxd/network/network/utils/ovn: Remvoes unused functions
- lxd/device/nic/ovn: Adds ovnNet interface and use OVN instance port functions directly from network
- lxd/device/nic/ovn: Removes validation of external routes against network's external routes
- lxd/device/nic/ovn: Validate NICs external routes using d.network.InstanceDevicePortValidateExternalRoutes
- doc/networks: Removes ipv4.routes.external and ipv6.routes.external from ovn network
- lxd/patches: Adds patch for removing ipv4.routes.external and ipv6.routes.external from ovn networks
- api: Adds network_ovn_external_routes_remove extension
- lxd/network/driver/ovn: Fix project restricted subnets check in validateExternalSubnet
- lxd/images: Fixes ineffectual assign warning
- lxd/resources/usb: Fixes ineffectual assign warning
- lxd/storage/drivers/driver/lvm/volumes: Fixes ineffectual assign warning
- lxd/instance: Use project aware inst.LogPath() function when clearing log dir in instanceCreateInternal
- lxd/instance/drivers/driver/lxc: Project aware rename of log path in Rename()
- lxd/instance/drivers/driver/qemu: Project aware rename of log path in Rename()
- lxd/instance/drivers/driver/lxc: Makes collectCRIULogFile project log path aware
- lxd/instance/logs: Makes containerLogsGet project aware
- lxd/main/init/interactive: Clarifies question about using an existing empty disk
- lxd/network/driver/bridge: Sets ipv4.nat=true when adding a new fan network with fan.underlay_subnet=auto
- lxd/patches: Adds patchNetworkFANEnableNAT to set ipv4.nat=true for fan networks missing the setting
- doc/networks: Clarifies comment defaults for bridge ipv4.nat when not specified during creation
- lxd/seccomp: Fix go vet
- lxd/instance: Add Architecture to common
- lxd/devices: Disable USB on s390x
- add new "restarted" event to reboot section of onStop in both lxc and qemu
- tests: Fix missing clustering cleanup
- lxd/storage/zfs: Properly recurse delete volumes
- tests: Fix cleanup in backup
- lxd/storage/backend/lxd: b.driver.UnmountVolume usage
- lxd/instance/drivers/driver/lxc: Moves log rotate and mount before devices start in startCommon
- lxd/storage/drivers/interface: Adds keepBlockDev arg to UnmountVolume
- lxf/storage/drivers/volume: v.driver.UnmountVolume usage
- lxd/storage/drivers/volume: Adds keepBlockDev arg to UnmountTask
- lxd/storage/drivers/utils: Passes true for keepBlockDev arg to UnmounTask in shrinkFileSystem
- lxd/storage/drivers/generic/vfs: d.UnmountVolume usage
- lxd/storage/drivers/drivers/mock: Adds keepBlockDev arg to UnmountVolume
- lxd/storage/drivers/driver/btrfs/volumes: Adds keepBlockDev arg to UnmountVolume
- lxd/storage/drivers/driver/dir/volumes: Adds keepBlockDev arg to UnmountVolume
- lxd/storage/drivers/driver/cephfs/volumes: Adds keepBlockDev arg to UnmountVolume
- lxd/storage/drivers/driver/lvm/volumes: UnmountVolume usage
- lxd/storage/drivers/driver/lvm/volumes: Adds keepBlockDev arg to UnmountVolume
- lxd/storage/drivers/driver/lvm/volumes: UnmountTask usage
- lxd/storage/drivers/driver/ceph/volumes: d.UnmountVolume usage
- lxd/storage/drivers/driver/ceph/volumes: Adds keepBlockDev arg to UnmountVolume
- lxd/storage/drivers/driver/zfs/volumes: Adds keepBlockDev arg to UnmountVolume
- lxd/storage/drivers/driver/zfs/volumes: d.UnmountVolume usage
- lxd/device/config/devices/sort: Sort disks between nics and other types of devices
- lxd/device/config/devices/sort: Comment improvement
- lxd/instance/drivers: Device lifecycle logging improvements
- lxd/instance/drivers: Stop devices in reverse order to how they were started
- lxd/instance/drivers/driver/lxc: Only use postStartHooks var where actually needed
- lxd/instance/drivers/driver/qemu: Adds log rotation to Start
- lxd/storage/zfs: Fix argument ordering
- lxd/device/config: Add TPMDevice to RunConfig
- lxd/cluster/connect: Renames project arg to projectName in ConnectIfInstanceIsRemote
- lxd/cluster/connect: Adds projectName arg to ConnectIfVolumeIsRemote
- lxd/response: Adds projectName argument to forwardedResponseIfVolumeIsRemote
- lxd/storage/volumes: forwardedResponseIfVolumeIsRemote projectName argument usage
- lxd/db/storage/volumes: Corrects misspelled argument name in GetStorageVolumeNodeAddresses
- lxc/move: Bypass security.protection.delete
- lxd/device: Add TPM device type
- lxd/db: Add device type "tpm"
- lxd/instance/drivers: Support TPM devices in VMs
- lxd/device: Fix typo
- api: Add tpm_device_type API extension
- doc: Add tpm device
- test: Add TPM device
- doc/instances: usb and gpu are available in VMs
- doc/instances: Add missing header in usb device
- extract restart logic to new instance interface function of lxc and qemu
- scripts/bash: Fix snap handling
- extract common restart code to driver_common.go
- lxd/storage: Rename RunningSnapshotFreeze to RunningCopyFreeze
- lxd/storage: Ensure source is frozen during copy
- lxd/instance/drivers: Write out updated backup.yaml after rename
- lxd: Switch to new candid URL
- lxd/storage/zfs: No need to remove dashes from UUID
- shared: Drop GroupId and UserId
- lxd: Port to os/user
- lxd/daemon: Log protocol
- lxd/daemon: Pass writer to Authenticate
- lxd/daemon: Record username on unix queries
- lxd/storage: Lock during the whole image replace
- lxd/db/errors: Adds ErrNoClusterMember var used to indicate no cluster member has been found for a resource
- lxd/db/storage/volumes: Modifies GetStorageVolumeNodeAddresses to detect volumes that are not bound to a single node
- lxd/db/storage/volumes: Removes StorageVolumeIsAvailable
- lxd/response: Updates forwardedResponseIfVolumeIsRemote to accept poolName rather than poolID
- lxd/storage/volumes: forwardedResponseIfVolumeIsRemote usage
- lxd/storage/volumes/backup: forwardedResponseIfVolumeIsRemote usage
- lxd/storage/volumes/snapshot: forwardedResponseIfVolumeIsRemote usage
- lxd: Replace use of tx.GetProject with cluster.GetProject
- lxd/project/project: Adds StorageVolumeProjectFromRecord function
- lxd/db/instances: Renames and reworks instanceListExpanded to InstanceList
- lxd/db/instances/export/test: Removes unused file
- lxd/db/instances/test: Renames TestInstanceListExpanded to TestInstanceList
- lxd/patches: driver.VolumeTypeNameToDBType usage
- lxd/profiles/utils: Comment on doProfileUpdateContainer for clarity
- lxd/response: cluster.ConnectIfVolumeIsRemote usage
- lxd/storage/drivers/driver/types: Adds VolumeMultiNode field to Info
- lxd/storage/drivers/driver/cephfs: Adds VolumeMultiNode=true to Info struct
- lxd/storage/utils: Renames VolumeTypeNameToType to VolumeTypeNameToDBType
- lxd/storage: VolumeTypeNameToDBType usage
- lxd/storage/utils: Adds VolumeDBTypeToTypeName function
- lxd/storage/utils: Comment consistency
- lxd/storage/utils: Renames and reworks VolumeUsedByRunningInstancesWithProfilesGet to VolumeUsedByInstances
- lxd/storage/utils: Adds VolumeUsedByExclusiveRemoteInstancesWithProfiles function
- lxd/cluster/connect: Reworks ConnectIfVolumeIsRemote to use storagePools.VolumeUsedByExclusiveRemoteInstancesWithProfiles
- lxd/device/disk: storagePools.VolumeUsedByExclusiveRemoteInstancesWithProfiles usage
- lxd/storage/volumes: storagePools.VolumeTypeNameToDBType usage
- lxd/storage/volumes: Updates storagePoolVolumeTypePost to use updated storagePools.VolumeUsedByInstances
- lxd/storage/backend/lxd: Updates UpdateCustomVolume to check for online resize support when resizing
- lxd/storage/backend/lxd: Updates RestoreCustomVolume with VolumeUsedByInstances
- lxd/storage/utils: Removes VolumeUsedByInstancesGet function as not properly project compliant
- lxd/storage/volumes/utils: Replaces storagePools.VolumeUsedByInstancesGet usage with storagePools.VolumeUsedByInstances in storagePoolVolumeUsedByGet
- lxd/device/disk: Replace storagePools.VolumeUsedByInstancesGet usage with storagePools.VolumeUsedByInstances in storagePoolVolumeAttachShift
- lxd/endpoints: Update error string in test
- shared/simplestreams: Record variant
- shared/simplestreams: Fix sorting of images
- lxd/project/project: Updates StorageVolumeProjectFromRecord to not return error (as never populated)
- lxd/project/project: Adds NetworkProjectFromRecord function
- lxd/storage/utils: project.StorageVolumeProjectFromRecord usage
- lxd/network/driver/ovn: Adds NIC external route overlap validation of other OVN external network subnets and OVN NIC external routes
- lxd/device/nic/ovn: Updates ovnNet interface's InstanceDevicePortValidateExternalRoutes to add instance argument
- lxd/device/nic/ovn: d.network.InstanceDevicePortValidateExternalRoutes usage
- lxd/instance/qmp: Merge Go routines
- shared/cancel: Close chDone on failure
- lxd: Only close doneCh on success
- i18n: Update translations from weblate
- lxd/network/driver/ovn: Adds ovnProjectNetworksWithUplink function
- lxd/network/driver/ovn: Updates ovnNetworkExternalSubnets to allow optional filtering of our own network's subnets
- lxd/network/driver/ovn: Updates ovnNICExternalRoutes to optionally filter our own NIC's external routes
- lxd/network/driver/ovn: Updates InstanceDevicePortValidateExternalRoutes to use new functions and signatures
- lxd/network/driver/ovn: Updates Validate to check external subnets dont overlap with other OVN networks or NICs sharing our uplink
- lxd/network/openvswitch/ovn: Return ErrOVNNoPortIPs in LogicalSwitchPortSetDNS when no port IPs found
- lxd/network/driver/ovn: Retry LogicalSwitchPortSetDNS up to 5 times to avoid missing dynamic IP allocation by OVN
- exec: make sure to only use TIOCGPTPEER if available
- lxd/instance/drivers: Change memory backend
- lxd/instance/drivers: Add virtio-fs config drive template
- lxd/instance/drivers: Handle virtio-fs config drive
- lxd/instance/drivers: Add system unit file for virtio-fs config drive
- lxd/device/disk: Support virtio-fs
- lxd/device/disk: Handle alternative virtfs-proxy-helper location
- lxd-agent: Prefer virtio-fs over 9p
- lxd/instances: Fix virtiofsd for config drive
- lxd/instance/drivers: Issue warning if virtiofsd is missing
- lxd/device: Issue warning if virtiofsd is missing
- lxd/instance/drivers: Fix lxd-agent systemd unit conditions
- lxd/storage: Only freeze if not frozen
- lxd/device/sriov: Harden calls to ip link vf
- api: Add storage_zfs_clone_copy_rebase extension
- doc/storage: Allow 'rebase' in zfs.clone_copy
- lxd/storage: Allow 'rebase' as value for zfs.clone_copy
- lxd/storage/zfs: Add support for clone_copy rebase
- lxd/qmp: Ensure checkbuffer is called
- lxd/network/driver/ovn: Adds support for using uplink bridge using bridge.driver=openvswitch
- lxd/virtiofs: Fix handling of config drive
- lxd/storage/lvm: Properly make lvm.thinpool_name node-specific
- lxd/instance/drivers/driver/qemu: Call MountInstanceSnapshot when mounting vm snapshots
- lxd/instance/drivers/driver/qemu: Ensure consistent mount state when restoring snapshot irrespective of whether instance was running
- lxd/instance/drivers/driver/lxc: Ensure consistent mount state when restoring snapshot irrespective of whether instance was running
- lxd/storage/drivers/volume: Comment clarification
- lxd/storage/drivers/driver/zfs/volumes: Only resurrect deleted image volume if same size in CreateVolume
- lxd/storage/drivers/driver/zfs/volumes: Improved logging
- lxd/storage/drivers/driver/zfs/volumes: Return ErrNotSupported in SetVolumeQuota when trying to resize an image block volume
- lxd/storage/drivers/driver/ceph/volumes: Only resurrect deleted image volume if same size in CreateVolume
- lxd/storage/drivers/driver/ceph/volumes: Improves logging in CreateVolume
- lxd/storage/drivers/driver/ceph/volumes: Don't allow image volume size in SetVolumeQuota
- lxd/storage/backend/lxd: Adds size to logging in SetInstanceQuota
- lxd/storage/backend/lxd: Update EnsureImage to resize/regenerate optimized image volumes if existing volume is different size than pool's volume.size setting
- lxd/storage/backend/lxd: Updates CreateInstanceFromImage to detect ErrCannotBeShrunk and create one-off non-optimized volume for instance
- lxd/storage/drivers/driver/ceph/utils: Updates getRBDMappedDevPath to allow control of mapping
- lxd/storage/drivers/driver/ceph/utils: d.rbdUnmapVolumeSnapshot on one line
- lxd/storage/drivers/driver/ceph/volumes: d.getRBDMappedDevPath usage
- lxd/storage/utils: Makes InstanceDiskBlockSize snapshot aware
- lxd/storage/drivers/driver/ceph/volumes: Removes extraneous comment
- lxd/storage/drivers/driver/ceph/volumes: Activate volume before genericVFSMigrateVolume in MigrateVolume
- lxd/storage/pool/interface: Adds MountInfo struct
- lxd/storage/pool/interface: Return MountInfo from MountInstance and MountInstanceSnapshot
- lxd/storage/backend/lxd: Populate MountInfo with OurMount and DiskPath in MountInstance
- lxd/storage/backend/lxd: Unexports getInstanceDisk
- lxd/storage/backend/lxd: Populates OurMount and DiskPath in MountInstanceSnapshot
- lxd/storage/utils: Updates InstanceDiskBlockSize to use MountInfo
- lxd/storage/backend/mock: Interface changes
- lxd/instance: Updates instanceCreateAsSnapshot to use MountInfo
- lxd/patches: Updates to use MountInfo
- lxd/instance/drivers/driver/lxc: Updates mount to return MountInfo and usage
- lxd/instance/drivers/driver/qemu: Updates mount to return MountInfo and usage
- lxd/storage/drivers/generic/vfs: Adds genericVolumeDiskFile constant for excluding generic disk block files
- lxd/storage/drivers/generic/vfs: Avoid using d.GetVolumeDiskPath in genericVFSMigrateVolume
- lxd/storage/drivers/generic/vfs: Use genericVolumeDiskFile in genericVFSGetVolumeDiskPath
- lxd/storage/drivers/driver/ceph/utils: Add logging to rbdMapVolume and rbdUnmapVolume
- lxd/storage/drivers/driver/ceph/utils: Updates getRBDMappedDevPath to support snapshots
- lxd/storage/drivers/driver/ceph/volumes: Updates MountVolume to return ourMount for block volumes
- lxd/storage/drivers/driver/ceph/volumes: Updates UnmountVolumeSnapshot to handle block volumes
- lxd/storage/drivers/driver/ceph/volumes: Renames RBDDevPath to devPath
- lxd/storage/utils: Improves logging and uses size value from vol.ConfigSizeFromSource in ImageUnpack
- lxd/storage/backend/lxd: Improves logging in CreateInstanceFromImage
- lxd/storage/backend/lxd: Improves logging and uses imgVol.ConfigSizeFromSource in EnsureImage
- doc/instances: Rephrase limits.memory.swap
- doc/instances: Typo fix
- lxd/storage: Use same defaults as "lxd init"
- lxd/instance/drivers/driver/qemu: Converts all supplied memory byte values to mebibytes for comparison
- lxd/rbac: Fix URL encoding
- lxd/cgroup: Fix V2 detection/handling
- lxd/cgroup: Add file read/writer
- lxd/cgroup: Fix controller detection
- lxd/cgroup: Add cpuset functions
- lxd/cgroup: Fix warning wording
- lxd/devices: Drop old workaround
- lxd/devices: Port to cgroup package
- lxd/instance: Replace CGroupGet/CGroupSet
- lxd/devices: Update to use cgroup abstraction
- lxd/cgroup: Implement proper typing
- lxd/cgroup: Change ParseCPU to return int64
- lxd/instance/lxc: Update for cgroup function changes
- lxd/cgroup: Improve naming
- lxd/instance: Update for new naming
- lxd/cgroup: Add V2 for GetBlkioWeight and SetBlkioWeight
- lxd/device: Move disk priority back to lxc
- lxd/cgroup: Fix get blkio weight
- lxd/cgroup: Add abstraction for SetBlkioLimit
- lxd/device: Port disk limits to abstraction
- lxd/db/storage/volumes: Adds workaround for old remote volume schema in GetStorageVolumeNodeAddresses
- lxd/db/storage/volumes: Renames GetStorageVolumeNodeAddresses to GetStorageVolumeNodes
- lxd/cluster/connect: Updates ConnectIfVolumeIsRemote to use tx.GetStorageVolumeNodes
- lxd/db/storage/volumes/test: Updates test for TestGetStorageVolumeNodes
- lxd/storage/utils: Updates VolumeUsedByInstances to accept an api.StorageVolume arg
- lxd/storage/utils: Updates VolumeUsedByExclusiveRemoteInstancesWithProfiles to use an api.StorageVolume arg
- lxd/storage/volumes/utils: Updates storagePoolVolumeUsedByGet to accept an api.StorageVolume arg
- lxd/cluster/connect: Updates ConnectIfVolumeIsRemote to use VolumeUsedByExclusiveRemoteInstancesWithProfiles with vol arg
- lxd/device/disk: Updates validateConfig to use storagePools.VolumeUsedByExclusiveRemoteInstancesWithProfiles with vol arg
- lxd/device/disk: Updates storagePoolVolumeAttachShift to use storagePools.VolumeUsedByInstances with vol arg
- lxd/storage/backend/lxd: Updates UpdateCustomVolume to use VolumeUsedByInstances with vol arg
- lxd/storage/backend/lxd: Updates RestoreCustomVolume to use VolumeUsedByInstances with vol arg
- lxd/storage/volumes: storagePoolVolumeUsedByGet usage
- lxd/storage/volumes: Updates storagePoolVolumeTypePost to use storagePools.VolumeUsedByInstances with a vol arg
- lxd/storage/volumes: Use db.StoragePoolVolumeTypeName constants
- lxd/storage/volumes: Updates storagePoolVolumeTypeGet to use storagePoolVolumeUsedByGet with a vol arg
- lxd/storage/volumes: Updates storagePoolVolumeTypeDelete to use storagePoolVolumeUsedByGet with a vol arg
- lxd/storage/volumes/snapshots: storagePoolVolumeUsedByGet usage
- lxd/storage/volumes/utils: Removes storagePoolVolumeAPI constants and converter functions
- lxd/patches: Recreates patchStoragePoolVolumeAPI constants and function for historical patches
- lxd/storage/volumes: Simplifies volume type in URL in storagePoolVolumes routes
- lxd/storage/volumes/snapshot: Simplifies volume type in URL generation
- lxd/storage/volumes: Updates storagePoolVolumeTypePostRename args
- lxd/storage/volumes: Removes unnecessary var init in storagePoolVolumeTypePostMove
- lxd/storage/drivers/driver/ceph/volumes: Fix rbd device leak in RenameVolume
- lxd/storage/drivers/generic/vfs: Use revert package in genericVFSRenameVolume
- lxd/storage/utils: Adds matching of instances on same node as local volume in VolumeUsedByInstances
- lxd/storage/volume: Removes need for loading storage volume when doing lxc storage volume attach
- lxd/device/disk: Reject path property for block disk devices
- lxd/storage/utils: Renames VolumeUsedByInstanceDevices and passes usedByDevices into callback function
- lxd/device/disk: storagePools.VolumeUsedByInstanceDevices usage
- lxd/storage/backend/lxd: VolumeUsedByInstanceDevices usage
- lxd/storage/utils: VolumeUsedByInstanceDevices usage
- lxd/storage/volumes/utils: storagePools.VolumeUsedByInstanceDevices usage
- lxd/storage/volumes: storagePools.VolumeUsedByInstanceDevices usage
- lxd/storage/volumes: Updates storagePoolVolumeTypePost to use updated storagePoolVolumeTypePostRename and storagePoolVolumeTypePostMove
- lxd/storage/volumes: Updates storagePoolVolumeTypePostRename to use updated storagePoolVolumeUpdateUsers
- lxd/storage/volumes: Updates storagePoolVolumeTypePostMove to use updated storagePoolVolumeUpdateUsers
- lxd/instance/drivers/driver/lxc: Removes common function LocalDevices implemented in LXC driver
- lxd/db/instances: Better errors in InstanceList
- lxd/storage/utils: Adds VolumeUsedByProfileDevices function
- lxd/storage/utils: Removes unused volume name matching logic in VolumeUsedByInstanceDevices
- lxd/storage/volumes/utils: Updates storagePoolVolumeUpdateUsers to use storagePools.VolumeUsedByProfileDevices and storagePools.VolumeUsedByInstanceDevices
- lxd/storage/volumes/utils: Updates storagePoolVolumeUsedByGet to use storagePools.VolumeUsedByProfileDevices
- lxd/storage/volumes/utils: Golint suggestions in storagePoolVolumeUsedByGet
- lxd/cluster/connect: Removes CLI command flag in error response in ConnectIfVolumeIsRemote
- lxd/db/storage/pools/test: Initialise db.StorageRemoteDriverNames in db_test package
- lxd/db: Removes duplicated db.StorageRemoteDriverNames init from tests
- lxd/locking/lock: Adds UnlockFunc type and updates Lock() signature
- lxd/storage/drivers/utils: Extends OperationLockName to take into account content type.
- lxd/storage/drivers/volume: Adds MountLock function
- lxd/storage/drivers/driver/lvm/utils: drivers.OperationLockName usage
- lxd/storage/backend/lxd: drivers.OperationLockName usage
- lxd/storage/drivers: Adds mount and unmount locking
- lxd/storage/drivers/volume: Removes locking from MountTask and UnmountTask
- lxd/instance/drivers/driver/lxc: Stop devices in two phases
- lxd/device/disk: Removes workaround for ceph disks now that disks are stopped after instance is stopped
- doc/rest-api: auth property is never set to guest
- lxd/apparmor: Workaround socket handling
- lxd/storage: Expand local config
- lxd/cgroup: Fix swap limits
- lxd/instance/lxc: Fix crash in cgroup function
- lxc/snapshot: Add reuse option
- lxc/storage: Add reuse option to snapshot
- i18n: Update translation templates
- lxd/instance: Removes instanceConfigureInternal
- lxd/instance: Replace instanceConfigureInternal usage with update backup file which was only relevant part
- lxd/storage/backend/lxd: Adds log to CreateInstanceFromMigration showing if migration volume size header not sent
- lxd/cgroup: Support SetCPUShare on V2
- lxd/cgroup: Implement SetCPUCfsLimit for V2
- lxd/instance/lxc: Port to SetCPUCfsLimit
- lxd/cgroup: Support CGroup V2 in ParseCPU
- lxd-agent: Don't allow connections when rebooting
- i18n: Update translations from weblate
試用環境 ¶
この新しい LXD リリースは私たちの デモサービス で利用できます。
ダウンロード ¶
このリリースの tarball は ダウンロードページ から取得できます。
ビルド済みバイナリーは次のように使えます:
- Linux: snap install lxd
- MacOS: brew install lxc
- Windows: choco install lxc
LXD 4.0.4 LTS リリースのお知らせ ¶
22nd of October 2020
はじめに ¶
LXD チームが LXD 4.0.4 のリリースをお知らせします!
このリリースは、2025 年 6 月までサポートされる LXD 4.0 に対する 4 つめのバグフィックスリリースです。
バグ修正と改良 ¶
このリリースには、開発ブランチからの数カ月分のバグフィックスと細かな改善が含まれています。
主な変更点は次の通りです:
- 使える場合は常にサブプロセスで
pidfdsを使うようになりました - Windows で
remote-viewerが使えるようになりました(lxc console --type=vgaで) - proxy デバイス向けの AppArmor プロファイル
- qemu プロセス向けの AppArmor プロファイル
- 仮想マシンのメモリの縮小と再拡大(
limits.memoryの動的変更) - ストレージプールへの
rsync.compression設定キーの追加(転送時の圧縮を無効化するために) - 仮想マシンでの USB デバイスのサポート(
remote-viewerのリモートへのポートを含む)
コミットの全リストは次の通りです(翻訳なし):
- main_checkfeature: remove logging failed shiftfs mounts
- seccomp: log errors to convert unix connection to file
- unixfd: improve SCM_RIGHTs file descriptor retrieval
- seccomp: simplify the seccomp message retrieval
- lxd/apparmor: Disable cgroup2 on legacy hosts
- lxc/manpage: Fix behavior in snap
- shared/subprocess: Add StartWithFiles
- lxd/forkproxy: Switch to using subprocess
- daemon: check namespace management support through pidfds
- nsexec: remove unused dosetns() function
- nsexec: add new change_namespace() helper
- forksyscall: use pidfds to attach to namespaces
- forknet: use pidfds to attach to namespaces
- forkmount: use pidfds to attach to namespaces
- forkproxy: use pidfds to attach to namespaces
- forkfile: use pidfds to attach to namespaces
- nsexec: remove unused setnsat()
- lxd/db/networks: Separates network type and status conversion into separate functions
- lxd/db/networks: Adds ClusterTx.GetNonPendingNetworks function
- lxd/db/networks: Adds ClusterTx.UpdateNetwork function
- lxd/db/networks: Populates network nodes in ClusterTx.GetNonPendingNetworks
- lxd/db/networks: Populate description col with empty string in CreatePendingNetwork
- shared/validate: Adds IsNetworkMTU function
- lxd/network/driver: validates mtu using IsNetworkMTU
- lxd/device/nic: Validates mtu using IsNetworkMTU
- lxd/network/driver/common: Moves notifier for delete into common
- lxd/networks: Moves cluster notification and storage clean up for networkDelete into common
- shared/validate: Use consistent quoting for outputting input value when there is an error
- lxc: Bundle sortorder
- lxd/network/network/utils: Adds pingIP function
- lxd/storage/drivers/utils: Fixes shrinkFileSystem to detect e2fsck filesystem modifications
- lxd/db/instances: Ensure correct pool name is returned in GetInstancePool
- shared/cert: Fix on Windows
- lxc/console: Support remote-viewer on Windows
- lxc/export: Use HostPathFollow
- lxd/cluster: Re-try listening for a minute
- lxd/init: Don't fail on existing address
- lxd/storage/zfs: Fix bad transfer logic on block
- lxd/storage/zfs: Always discard mountpoint on recv
- lxd/db/projects: go imports order
- lxd/db/projects: Removes unnecessary whitespace
- lxd/storage/zfs: Don't filter mountpoint on block
- lxd/db/instances: Removes instancePoolSnapshot function
- lxc/network: Fix usage
- i18n: Update translation templates
- lxd/apparmor/dnsmasq: drop dup rule, /snap/lxd/*/ includes /snap/lxd/current/
- lxd/apparmor/forkdns: drop dup rule, /snap/lxd/*/ includes /snap/lxd/current/
- lxd/instance: Always put snapshots on same pool as parent
- doc/security: Adds note about non-IP ethernet frame filtering to stop VLAN QinQ bypass
- shared/util: Converts DefaultPort from string to int
- lxd/util/net: Updates CanonicalNetworkAddress to use net.JoinHostPort rather than manual fmt.Sprintf
- lxd/util/net: Adds CanonicalNetworkAddressFromAddressAndPort function
- lxd/device/device/utils/proxy: Use net.JoinHostPort rather than manual fmt.Sprintf
- lxd/main/init/interactive: Error wrapping
- lxd/main/init/interactive: Use canonical address after port has been added for comparison
- lxd/main/init/auto: util.CanonicalNetworkAddressFromAddressAndPort usage
- lxc/remote: shared.DefaultPort usage
- lxd-agent/main/agent: shared.DefaultPort usage
- lxd-p2c/utils: shared.DefaultPort usage
- lxd/vsock: shared.DefaultPort usage
- lxd/util/http: shared.DefaultPort usage
- lxd/main/init: shared.DefaultPort usage
- lxd/storage: Refuse BLOCK_AND_RSYNC with running instance
- lxd/apparmor: Simplify profile name generation
- lxd/device: Export Name and Config
- lxd/apparmor: Shrink instance interface
- lxd/apparmor/forkdns: Alignment
- lxd/apparmor/forkdns: Support LD_LIBRARY_PATH
- lxd/api/cluster: Makes ServerAddress field required for clusterPutJoin
- lxd/init: Updates initDataNodeApply to use revert package and to revert itself on error
- lxd/cluster/connect: Adds UserAgentNotifier constant
- lxd/cluster/connect: Adds UserAgentJoiner constant
- lxd/cluster/connect: Adds ClientType type and UserAgentClientType function
- lxd/api: Updates isClusterNotification to use cluster.UserAgentNotifier
- lxd/api/cluster: clusterInitMember comments
- lxd/api/cluster: initDataNodeApply usage
- lxd/main/init: initDataNodeApply usage
- lxd/api/cluster: Updates clusterPutJoin to use cluster.UserAgentJoiner when sending requests to local node
- lxd/network/network/interfaces: Replaces clusterNotification bool with cluster.ClientType
- lxd/network/driver/common: cluster.ClientType usage
- lxd/networks: cluster.ClientType usage
- lxd/apparmor/dnsmasq: Add /proc/self/fd
- lxd/apparmor/forkdns: Allow reading/mapping the binary
- lxd/apparmor: Add forkproxy
- lxd/device/forkproxy: Add apparmor
- lxd/instance/instance/interface: Moves Project() function into ConfigReader interface
- lxd/instance/drivers/driver/common: Adds Project function
- lxd/instance/drivers/driver/lxc: Updates lxc to use common fields
- lxd/instance/drivers/driver/lxc: Removes driver specific Project function
- lxd/instance/drivers/driver/qemu: Removes driver specific Project function
- lxd/network/network/utils: Improves UpdateDNSMasqStatic error message
- lxd/storage/drivers/load: Cache supported drivers
- lxd/storage/drivers/load: Remove references to "support" in AllDriverNames
- lxd/apparmor/forkproxy: Fix running on i386
- lxd/storage/drivers/interface: Adds isRemote function
- lxd/storage/drivers/driver/common: Adds isRemote() function that returns false
- lxd/storage/drivers/driver: Updates driver's Info() function to call d.isRemote()
- lxd/storage/drivers/ceph: Implements isRemote function for ceph and cephfs
- lxd/storage/drivers/load: Removes SupportedDrivers caching and updates comment
- lxd/network/driver: cluster.ClientType usage
- lxd/storage/drivers/load: Remove references to "support" in AllDriverNames
- lxd/storage/drivers/load: Simplifies RemoteDriverNames to use the isRemote function
- lxd/network: Add missing import
- shared/log15: Fix due to recent unix change
- Handle signals in non-interactive sessions.
- Fix hang when control is not provided in non-interactive mode.
- lxd/storage/volumes: Only apply config changes when restoring snapshot if non-nil config is supplied
- lxd/network/driver/bridge: Exclude /32 underlay addresses from overlay address generation
- lxd/device/device/utils/network: Removes networkRandomDevName
- lxd/network/network/utils: Adds RandomDevName function
- lxd/device: network.RandomDevName usage
- lxd/network: Adds Description function
- doc/api: Removes underscore escaping when used inside backticks
- lxd/instance/drivers: Fixes crash when removing device that can't be loaded
- lxc/storage_volume: Fix usage string
- po: Update translations
- lxd/drivers/qemu: Use gic-version=max on aarch64
- lxc/config: Update wording for profile/config
- lxc/export: Support writing to stdout
- i18n: Update translation templates
- Drop custom SQLite and libco
- validate: Consider + as unsafe in URL
- lxd/instance/snapshots: Restrict naming
- lxd/storage/drivers/utils: Corrects argument order of mkfs in makeFSType for wider compatibility
- lxd/api/cluster: Start networks after cluster join
- lxd/networks: Only call n.Start() during doNetworksCreate if client type isn't joiner
- lxd/network/network/utils: Adds UsedBy function and unexports related functions not used elsewhere
- lxd/network/driver/common: Updates IsUsed to use UsedBy
- lxd/network/driver/bridge: Adds existing interface check as Create function
- lxd/network/driver/bridge: Push down interface name conflict check to Rename
- lxd/profiles/utils: Renames project arg to projectName in doProfileUpdate
- lxd/profiles: Updates usage of ValidDevices in profilesPost
- lxd/networks: Updates networkPost validation
- lxd/networks/utils: Removes networkGetInterfaces function
- lxd/instance/instance/utils: Project name is needed to validate instance devices
- lxd/instance: instance.ValidDevices project argument usage
- lxd/instance/drivers/driver/lxc: instance.ValidDevices project usage
- lxd/instance/drivers/driver/lxc: Error quoting
- lxd/instance/drivers/driver/qemu: instance.ValidDevices project usage
- lxd/instance/drivers/load: Adds project support to validDevices
- lxd/device/device/load: Adds project support to load function
- lxd/networks: Updates doNetworkGet to support projects and to use network.UsedBy
- lxd/networks: Drop networkGetInterfaces
- shift_linux: tweak ACL handling
- tar_write: switch to PAXRecords to preserve ACLs too
- shift_linux: handle ACL unshifting correctly
- shift_linux: handle capability unshifting correctly
- shift_linux: converty to CBytes not to CString
- lxc/utils: Add usage function
- lxc: Drop command name from translation
- i18n: Update translation template
- lxd/init: Updates initDataNodeApply to return a revert function
- lxd/main/init: Updates Run to use revert
- lxd/api/cluster: Updates clusterPutJoin to use revert
- lxd/api/cluster: Updates clusterInitMember to return a revert function
- lxd/api/cluster: Logging quoting
- lxd/network: Adds Info struct and function
- shared/subprocess: Set err on non-zero
- lxd/instances/qemu: Use subprocess
- lxd/instance: Add DevPaths
- lxd/apparmor: Fix unload/delete
- lxd/apparmor/instance: Sort context
- lxd/apparmor: Prepare for qemu
- lxd/apparmor: Add qemu profile
- lxd/instance/drivers/driver/qemu: Switch to threads locking mode and writeback cache mode for BTRFS
- doc/instance: raw.apparmor now implemented for VM
- lxd/apparmor: Tweak qemu profile for non-snap
- shared/idmap/shift/linux: Handle nil IdmapSet in UnshiftACL and UnshiftCaps
- shared/instancewriter/instance/tar/writer: Handle nil idmapSet and log shifting errors in WriteFile
- lxc: Better handle arguments
- lxc: Unbundle sortorder
- lxd/util/sys: Fixes GetExecPath when lxd binary has been removed/changed
- lxd/db/images: Error message uppercase first letter
- lxd/instance: Adds instanceImageTransfer and updates instanceCreateFromImage to use it
- lxd/daemon/images: Error quoting
- lxd/daemon/image: Adds logic to download image from another cluster node into ImageDownload
- lxd/db/images/test: Fixes tests for LocateImage
- test/suites/clustering: Adds test for image transfer between cluster nodes
- bash-completion: use "list --format=csv" consistently
- bash-completion: use regex grouping for
lxc start - lxd/instance/qemu: Fix mem device naming
- proxy bind= should accept host|instance as the doc says
- Valid proxy type= values are all lower case so fix doc
- s/descriptros/descriptors/
- Revert "lxd/network/driver/bridge: Exclude /32 underlay addresses from overlay address generation"
- lxd/network/driver/bridge: Skip lo interface when generating fan overlay address in addressForSubnet
- lxd/apparmor: Allow unix sockets binding
- doc/server: Sort config keys
- lxd: Ensure all use of db.InstanceFilter defines instance type
- lxd/project/permissions: Fixes AllowInstanceCreation tests
- lxd/project/permissions: Error quoting
- doc/storage: no need to escape underscore in bash examples
- shared/validate: Use ParseUint in IsNetworkMTU
- lxd/device/device/utils/network: Change argument for NetworkSetDevMTU to uint32
- lxd/device/device/utils/network: NetworkSetDevMTU usage
- lxd/network/network/utils: Changes GetDevMTU to return uint32
- doc/projects: Sort config keys
- lxd/project/permissions: Typo
- lxd/storage/cephfs: Fix quota on new volumes
- lxc/remote: Add project selection logic
- i18n: Update translation templates
- lxd/backup: Adds WorkingDirPrefix constant
- lxd: backup.WorkingDirPrefix usage
- lxd/backup: Rename comment ending
- lxd/backup: DoBackupDelete comment ending
- lxd/network/network/interface: Adds Type interface and moves non-DB dependent functions into it
- lxd/network/network/load: Adds LoadByType function and removes ValidateNameAndProject function
- lxd/main/init/interactive: netType.ValidateName usage
- lxd/networks: Switch to network type validation in networksPost
- lxd/networks: Use ValidateName function on loaded DB network in networkPost
- lxd/network/network/interface: Exports FillConfig
- lxd/network/network/load: Removes FillConfig function
- lxd/networks: netType.FillConfig usage
- lxd/network/driver/common: Exports FillConfig
- lxd/network/driver/bridge: FillConfig usage
- lxd/network/driver/common: Removes common Type() and netType
- lxd/network: Adds Type() to each driver
- lxd/db/errors: Updates ErrAlreadyDefined text to be generic
- lxd/network/network/interface: Adds DBType function
- lxd/network/driver: Implements DBType()
- lxd/network/driver: Adds NodeSpecificConfig Info var
- lxd/instances: Fix ceph cluster target move
- lxd/cgroup: Fix memory.swappiness detection
- lxd/db: Adds boolean support to doDbQueryScan
- lxd/sys/fs: initDirs comment
- lxd/sys/fs: initDirs error quoting
- lxd/sys/fs: Adds initStorageDirs to be called after storage pools and daemon volumes are mounted
- lxd/sys/os: Adds InitStorage
- lxd/daemon: Call d.os.InitStorage after daemon storage volumes are mounted
- lxd/backup/instance/config: Renames InstanceConfig to Config
- lxd/backup/backup/config: Makes Config fields omitempty so custom volume's encoded yaml doesn't contain instance fields
- lxd/backup/backup/config: Adds comment to Container field explaining that VM backups use this too
- lxd/storage/pool/interface: backup.Config usage
- lxd/api/internal: backup.ParseConfigYamlFile usage
- lxd/storage/backend: backup.Config usage
- lxd/backup: Moves Instance interface into own file
- lxd/backup: Moves Info struct and GetInfo function into own file
- lxd/backup: Renames backup to backup_common
- lxd/rbac: Avoid tight retry loop
- lxd/rbac: Directly handle re-tries on 504
- lxd/networks: netType.DBType usage in networksPost
- lxd/networks: Create pending network node entries when network driver doesn't support per node config in networksPost
- lxd/networks: Comments in networksPostCluster
- lxd/networks: Comments in networkGet
- lxd/network: Only adding pseudo pending node records when in cluster in networksPost
- lxd/networks: Updates doNetworkUpdate to use n.Validate so that project is available to validator
- lxd/network/network/load: Removes unused Validate
- lxd/networks: Fix build
- lxd/backup/backup/common: Renames Backup to BackupCommon
- lxd/backup/backup/instance: Adds InstanceBackup using CommonBackup as basis
- lxd/backup: Changes pruneExpiredContainerBackups to use InstanceBackup.Delete() function
- lxd/instance/instance/utils: backup.InstanceBackup usage
- lxd/instance/instance/interface: backup.InstanceBackup usage
- lxd/instance/drivers: backup.InstanceBackup usage
- lxd/backup/backup/utils: Adds TarReader function
- lxd/backup/backup/info: Changes Type field from api.InstanceType to Type
- lxd/backup/backup/info: Updates GetInfo to use TarReader
- lxc/backup: Updates backupWriteIndex to use backup.Type
- lxd/backup/backup/info: GetInfo consistent comment endings
- lxd/backup/backup/info: Updates GetInfo to support backup.Type
- lxd/db/backups: InstanceBackup comment
- lxd/db/backups: projectName argument renaming
- lxd/db/storage/volumes: Set Snapshot: true in StorageVolumeArgs returned from GetLocalStoragePoolVolumeSnapshotsWithType
- lxd/instance: Spacing
- lxd/storage/drivers/driver/btrfs/utils: Switches to backup.TarReader
- lxd/storage/drivers/driver/btrfs: Consistent comment ending
- lxd/storage/drivers/driver/zfs/volumes: consistent comment ending
- lxd/storage/drivers/generic/vfs: Consistent comment ending
- lxd/backup/backup/info: Adds note about legacy container.bin optimized type check
- lxd/backup/backup/instance: Fix old parent directory removal in InstanceBackup.Rename()
- lxd/backup: Backtrack path changes
- lxd/backup/backup/config: Adds VolumeSnapshots to Config struct
- lxd/backup/backup/info: Adds Config field to Info struct
- client/interfaces: Add custom volume backup functions
- client/interfaces: Adds StoragePoolVolumeBackupArgs struct
- client/lxd/storage/volumes: Add custom volume backup functions
- lxd/db/storage/volume/snapshots: Adds GetStorageVolumeSnapshotsNames function
- lxd/storage/drivers/driver/btrfs/volumes: Adds support for optimized custom volume backups
- lxd/storage/drivers/driver/dir/volumes: Adds support for custom volume backups nil post hooks
- lxd/storage/drivers/driver/zfs/volumes: Adds support for optimized custom volume backups
- lxd/storage/drivers/driver/zfs/volumes: Adds support for custom volume backups nil post hooks
- lxd/storage/drivers/generic/vfs: Adds support for custom volume backups to genericVFSBackupVolume
- lxd/storage/drivers/generic/vfs: Adds support for custom volume backups to genericVFSBackupUnpack
- shared/api/storage/pool/volume: Adds custom volume backup structs
- lxd/storage/drivers: Support block volumes
- lxd/cluster: Changing "no heartbeat" language in membership.go "no heartbeat since
" changed to "no heartbeat for " - lxc: Always use HostPathFollow
- lxd/storage/drivers/generic/vfs: Fixes custom volume root dir ownership issue in genericVFSBackupUnpack
- test/suites/backup: Use project argument in test_backup_import_with_project
- test/suites/backup: Use project argument in test_backup_export_with_project
- test/suites/backup: Adds test for backup import into different project in test_backup_import_with_project
- lxd/api: Restrict access to daemon config
- lxd/storage: Allow ceph/cephfs for images/backups
- client/interfaces: Adds Name field to InstanceBackupArgs
- client/lxd/instances: Adds custom name restore support to CreateInstanceFromBackup
- lxd/instance/drivers/qmp/monitor: Adds GetBalloonSizeBytes and SetBalloonSizeBytes
- lxd/instance/drivers/driver/qemu: Adds live shrinking of memory
- lxd/devices/config/devices/utils: Adds doc block for deviceEquals and deviceEqualsDiffKeys
- lxd/device/config/devices: Comment clean up
- lxd/device/config/devices: Improves comments and variable naming in Update
- lxd/device/config/devices: Fixes bug in Update where allChangedKeys only contains changed keys from last device
- lxd/device/config/devices: Handles nil updateFields function in Update
- lxd/instances/post: Adds custom name support for backup import to createFromBackup
- lxd/instances/post: createFromBackup usage
- lxd/instance/drivers/driver/lxc: Whitespace
- lxd/instance/drivers/driver/qemu: Removes logic duplication in live update
- lxd/api/internal: Adds AllowNameOverride to internalImportPost
- lxd/api/internal: Override instance name in internalImport when AllowNameOverride is set
- client/interfaces: Adds Name field to StoragePoolVolumeBackupArgs to bring in line with InstanceBackupArgs
- client/lxd/storage/volumes: Updates CreateStoragePoolVolumeFromBackup to accept volume name override via X-LXD-name header
- shared/api: Not all disks have a device path
- lxd/resources: Ignore rbd devices
- lxd/device/device/interface: Adds NICState interface for getting NIC state
- lxd/device/nic/bridged: Implements NICState interface by adding State function
- lxd/instance/drivers/driver/qemu: Refactors RenderState to support multiple NIC types in the future
- lxd/instance/drivers/qmp/monitor: Renames GetMemoryBalloonSizeBytes
- lxd/instance/drivers/qmp/monitor: Renames SetMemoryBalloonSizeBytes
- lxd/instance/drivers/qmp/monitor: Adds GetMemorySizeBytes function
- lxd/instance/drivers/driver/qemu: Adds qemuDefaultMemSize constant
- lxd/instance/drivers/driver/qemu: Updates updateMemoryLimit to allow memory resize back to boot time size
- lxd/instance/drivers/driver/qemu: Updates IsRunning to not check for BROKEN state
- lxd/instance/drivers/driver/qemu: Updates statusCode() to detect if monitor failure with running VM
- lxd/apparmor: Allow access to zoneinfo files
- lxd/apparmor: Add /etc/localtime to the list
- lxd/project: Always allow cloud-init:config drives
- doc/image-handling: Cover publishing
- lxd/network/network/utils: Adds GetNeighbourIPs function
- lxd/network/network/utils: Updates GetLeaseAddresses to return only net.IP list
- lxd/device/nic/bridged: Updates State() to return partial data
- lxd/device/nic: Fix build on stable
- shared/simplestreams: Fix stream's index download url
- refuse empty passwords
- lxd/storage: Adds rsync.compression config key
- doc: Adds rsync.compression
- api: storage_rsync_compression
- tests: Valid rsync.compression
- doc/index: Add libsqlite3-dev back to dependencies
- lxd/firewall/drivers/driver/nftables: Updates nft parser to handle nft sets with composite
typefield - shared/validate/validate: Increases max MTU to 16384 to support super jumbo packets
- lxd/apparmor/forkproxy: Fix bad profile name
- lxd/apparmor/forkproxy: Allow writing to log path
- lxc: Better handle copy/move between projects
- lxd/apparmor: Fix version parsing
- lxd/dnsmasq: Switch to Parse for version parsing
- lxd/firewall/drivers: Fix to Parse for version parsing
- lxd/rsync: Switch to Parse for version parsing
- shared/version: Make patch optional
- lxd/networks: Log error in doNetworksCreate after failed create if cleanup fails too
- lxd/network/network/utils: Moves bridge related functions into own file
- static_analysis: exclude vendored headers from spell checking
- static_analysis: exclude .git
- shift_linux: vendor posix_acl_xattr.h
- shares/validate: Whitespace
- lxd/apparmor/forkproxy: Socket path fixes
- lxd/images: Fix crash when no "info" struct
- lxd/util/net: Updates SysctlSet to support setting multiple keys
- shared/validate: Adds IsNetworkAddressList function
- lxd/network/network/utils: Adds VLANInterfaceCreate function
- lxd/device/device/utils/network: network.VLANInterfaceCreate usage
- lxd/device/device/utils/network: Removes NetworkRemoveInterface function
- lxd/network/network/utils: Adds InterfaceRemove and InterfaceExists functions
- lxd/network/network/utils: InterfaceExists usage
- lxd/device/device/utils/network: network.InterfaceRemove usage
- lxd/device/nic: network.InterfaceRemove usage
- lxd/network/driver/bridge: InterfaceExists usage
- lxd/network/network/utils: Adds InterfaceSetMTU function
- lxd/device: network.InterfaceSetMTU usage
- lxd/storage/pools: Gives clear error message when trying to create duplicate storage pool in single node
- lxd/network/driver: Improves comments
- lxd/device/sriov: Fix build
- lxd/events: Validate type
- lxd/events: Prevent logging access to non-admin
- lxd/daemon: Clean shutdown on SIGPWR/SIGTERM
- lxd/operations: Don't directly trigger shutdown
- lxd: Prevent internal cluster migration of instances with backups
- lxd/instance/drivers: Enable USB for VMs
- lxd/instance/drivers: Add USB controller to QEMU config
- lxd/apparmor: Fix devPaths in QEMU profile
- db: Retry transient errors for longer
- db: Always retry driver.ErrBusy, regardless of the error message
- db: Retry failed rollbacks if they are due to transient errors
- db: Explicitly rollback leftover transactions when a new one can't be started
- db: Retry to begin a new transaction after an explicit rollback attempt
- lxd/operations: Fix timeout
- lxd/daemon: Allow more operations during shutdown
- lxd/include: Relocate ifndef for NEWCGROUP
- doc: Remove stray _ escapes in security.md
- lxc-to-lxd: Handle snap better
- lxd/events: Handle default permissions in projects
- lxd/dnsmasq: Adds 100ms sleep to successful Kill() to allow sockets to be released by OS
- lxd/instance/drivers/driver/qemu: Restores ability to resize VM disks
- lxd/device/disk: Adds comment about VM instances depending on CanHotPlug fields for stopped disk resize
- lxd/instance/qemu: Fix bad event name
- lxd/storage: Check base image is available locally
- lxd/instance: Fix building on 4.0
- lxd/device/usb: Allow USB devices for VMs
- lxd/device: Add bus and dev number to USBEvent
- lxd/apparmor: Allow USB specific paths
- lxd/device/config: Add USBDevice to RunConfig
- lxd/storage/drivers/driver/lvm: Don't remove empty thinpool and volume group if lvm.vg.force_reuse enabled
- shared/validate/validate: Removes inaccurate comments about optional values
- shared/validate/validate: Adds IsNetwork and IsNetworkList functions
- shared/validate/validate: Re-orders IP validation functions
- lxd/network/driver/common: Ban : char from network names in ValidateName()
- lxd/device: Handle USB devices for VMs
- lxd/instance/drivers: Add qemuUSBDev template
- lxd/instance/drivers: Add USB devices to qemu config
- Revert "lxd/instance/drivers: Enable USB for VMs"
- lxd/driver/qemu: Add spice usb ports
- forksyscall: use correct function
- lxd-agent: Fix defer in for loop
- shared/util.go: use string method with stdout and stderr
- simplestreams.go: remove unneeded fmt.Sprintf and simplify getImages()
- lxd/instance/drivers: Updates templateApplyNow to close files at end of each iteration
- lxd/network/network/utils: Adds SubnetContains function
- lxd/network/network/utils: Adds SubnetIterate function
- lxd/network/network/utils: Adds SubnetParseAppend function
- lxd/api/project: Moves projectConfigKeys inside projectValidateConfig and adds state
- lxd/api/project: projectValidateConfig usage
- forkmount: improve
- seccomp: improve logging for the seccomp notifier
- seccomp: make sure that insertMountLXD() doesn't call into LXC
- lxd/network/driver/bridge: Fixes inconsistency between normal bridge and fan bridge default ipv4.nat value
- lxd/device/usb: Fix check for required USB device
- seccomp: switch back to pread()
- nsexec: simplify userns attach
- forksyscall: preserve root and cwd fds for shifted mount emulation
- lxc/init.go: remove for-loop in create()
- revert/revert.go: remove a for-loop from Clone()
- lxc/copy.go: Remove unneeded for-loop in c.Run()
- lxd/db/projects: Adds GetProject function
- lxd/db/networks: Fix NULL description
- doc/instances: Re-organises NIC device type docs introducing section about network property
- lxd/images: Fixes ineffectual assign warning
- lxd/resources/usb: Fixes ineffectual assign warning
- lxd/storage/drivers/driver/lvm/volumes: Fixes ineffectual assign warning
- lxd/instance: Use project aware inst.LogPath() function when clearing log dir in instanceCreateInternal
- lxd/instance/drivers/driver/lxc: Project aware rename of log path in Rename()
- lxd/instance/drivers/driver/qemu: Project aware rename of log path in Rename()
- lxd/instance/drivers/driver/lxc: Makes collectCRIULogFile project log path aware
- lxd/instance/logs: Makes containerLogsGet project aware
- lxd/main/init/interactive: Clarifies question about using an existing empty disk
- lxd/network/driver/bridge: Sets ipv4.nat=true when adding a new fan network with fan.underlay_subnet=auto
- lxd/patches: Adds patchNetworkFANEnableNAT to set ipv4.nat=true for fan networks missing the setting
- doc/networks: Clarifies comment defaults for bridge ipv4.nat when not specified during creation
- lxd/seccomp: Fix go vet
- lxd/instance: Add Architecture to common
- lxd/devices: Disable USB on s390x
- add new "restarted" event to reboot section of onStop in both lxc and qemu
- tests: Fix missing clustering cleanup
- lxd/storage/zfs: Properly recurse delete volumes
- lxd/storage/backend/lxd: b.driver.UnmountVolume usage
- lxd/instance/drivers/driver/lxc: Moves log rotate and mount before devices start in startCommon
- lxd/storage/drivers/interface: Adds keepBlockDev arg to UnmountVolume
- lxf/storage/drivers/volume: v.driver.UnmountVolume usage
- lxd/storage/drivers/volume: Adds keepBlockDev arg to UnmountTask
- lxd/storage/drivers/utils: Passes true for keepBlockDev arg to UnmounTask in shrinkFileSystem
- lxd/storage/drivers/generic/vfs: d.UnmountVolume usage
- lxd/storage/drivers/drivers/mock: Adds keepBlockDev arg to UnmountVolume
- lxd/storage/drivers/driver/btrfs/volumes: Adds keepBlockDev arg to UnmountVolume
- lxd/storage/drivers/driver/dir/volumes: Adds keepBlockDev arg to UnmountVolume
- lxd/storage/drivers/driver/cephfs/volumes: Adds keepBlockDev arg to UnmountVolume
- lxd/storage/drivers/driver/lvm/volumes: UnmountVolume usage
- lxd/storage/drivers/driver/lvm/volumes: Adds keepBlockDev arg to UnmountVolume
- lxd/storage/drivers/driver/lvm/volumes: UnmountTask usage
- lxd/storage/drivers/driver/ceph/volumes: d.UnmountVolume usage
- lxd/storage/drivers/driver/ceph/volumes: Adds keepBlockDev arg to UnmountVolume
- lxd/storage/drivers/driver/zfs/volumes: Adds keepBlockDev arg to UnmountVolume
- lxd/storage/drivers/driver/zfs/volumes: d.UnmountVolume usage
- lxd/device/config/devices/sort: Sort disks between nics and other types of devices
- lxd/device/config/devices/sort: Comment improvement
- lxd/instance/drivers: Device lifecycle logging improvements
- lxd/instance/drivers: Stop devices in reverse order to how they were started
- lxd/instance/drivers/driver/lxc: Only use postStartHooks var where actually needed
- lxd/instance/drivers/driver/qemu: Adds log rotation to Start
- lxd/storage/zfs: Fix argument ordering
- lxd/patches: Fix for stable-4.0
- lxd/cluster/connect: Renames project arg to projectName in ConnectIfInstanceIsRemote
- lxd/cluster/connect: Adds projectName arg to ConnectIfVolumeIsRemote
- lxd/response: Adds projectName argument to forwardedResponseIfVolumeIsRemote
- lxd/db/storage/volumes: Corrects misspelled argument name in GetStorageVolumeNodeAddresses
- lxc/move: Bypass security.protection.delete
- lxd/device: Fix typo
- doc/instances: usb and gpu are available in VMs
- doc/instances: Add missing header in usb device
- lxd/storage/volumes: forwardedResponseIfVolumeIsRemote projectName argument usage
試用環境 ¶
この新しい LXD リリースは私たちの デモサービス で利用できます。
ダウンロード ¶
このリリースの tarball は ダウンロードページ から取得できます。
ビルド済みバイナリーは次のように使えます:
- Linux: snap install lxd
- MacOS: brew install lxc
- Windows: choco install lxc
LXD 4.7 リリースのお知らせ¶
16th of October 2020
はじめに ¶
LXD チームは LXD 4.7 のリリースをお知らせできることにとてもワクワクしています!
このリリースには、VM でとても歓迎すべきいくつかの改良(USB と Live メモリのアップデート)、バックアップ機能の充実、OVN 仮想ネットワークを使う場合の多数の改良が含まれています。
Enjoy!
新機能とハイライト ¶
カスタムストレージボリュームのバックアップ(export/import) ¶
新たにカスタムボリュームに対する backup API が追加されました。これにより、cli で lxc storage volume export と lxc storage volume import が使えるようになりました。
stgraber@castiana:~$ lxc storage volume create default foo Storage volume foo created stgraber@castiana:~$ lxc storage volume export default foo Backup exported successfully! stgraber@castiana:~$ lxc storage volume delete default foo Storage volume foo deleted stgraber@castiana:~$ lxc storage volume import default backup.tar.gz stgraber@castiana:~$ lxc storage volume list default +----------------------------+------------------------------------------------------------------+-------------+--------------+---------+ | TYPE | NAME | DESCRIPTION | CONTENT TYPE | USED BY | +----------------------------+------------------------------------------------------------------+-------------+--------------+---------+ | container | lxd-build | | filesystem | 1 | +----------------------------+------------------------------------------------------------------+-------------+--------------+---------+ | container | lxd-build-focal | | filesystem | 1 | +----------------------------+------------------------------------------------------------------+-------------+--------------+---------+ | container | steam | | filesystem | 1 | +----------------------------+------------------------------------------------------------------+-------------+--------------+---------+ | custom | backups | | filesystem | 1 | +----------------------------+------------------------------------------------------------------+-------------+--------------+---------+ | custom | foo | | filesystem | 0 | +----------------------------+------------------------------------------------------------------+-------------+--------------+---------+ | custom | images | | filesystem | 1 | +----------------------------+------------------------------------------------------------------+-------------+--------------+---------+
別の名前でのインスタンスのインポート ¶
ついに別の名前でインスタンスのバックアップをインポートできるようになりました!
stgraber@castiana:~$ lxc init images:alpine/edge a1 Creating a1 stgraber@castiana:~$ lxc export a1 Backup exported successfully! stgraber@castiana:~$ lxc import backup.tar.gz a2 stgraber@castiana:~$ lxc list a +------+---------+------+------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +------+---------+------+------+-----------+-----------+ | a1 | STOPPED | | | CONTAINER | 0 | +------+---------+------+------+-----------+-----------+ | a2 | STOPPED | | | CONTAINER | 0 | +------+---------+------+------+-----------+-----------+
仮想マシンのメモリの圧縮(と再増加) ¶
仮想マシン内のバルーンデバイスを制御できるようになりました。メモリ容量を縮小させ、その後で再度前の制限にまで戻すことができるようになりました(さらなるメモリの追加にはリブートが必要です)。
stgraber@castiana:~$ lxc config show ubuntu-desktop | grep memory
limits.memory: 2GiB
stgraber@castiana:~$ lxc exec ubuntu-desktop -- free -m
total used free shared buff/cache available
Mem: 1983 437 822 7 722 1386
Swap: 448 0 448
stgraber@castiana:~$ lxc config set ubuntu-desktop limits.memory 1500MiB
stgraber@castiana:~$ lxc exec ubuntu-desktop -- free -m
total used free shared buff/cache available
Mem: 1435 436 276 7 722 840
Swap: 448 0 448
stgraber@castiana:~$ lxc config set ubuntu-desktop limits.memory 2GiB
stgraber@castiana:~$ lxc exec ubuntu-desktop -- free -m
total used free shared buff/cache available
Mem: 1983 437 822 7 722 1387
Swap: 448 0 448
stgraber@castiana:~$
仮想マシンに対する USB デバイスのパススルー ¶
usb デバイスタイプが仮想マシンで使えるようになりました。
新しいデバイスを追加するには再起動が必要な点をのぞいては、コンテナと全く同じように動作します。
さらに、3 つの仮想ポートが LXD の VM に接続されており、lxc console --type=vga を使って、リモートの USB デバイスへのリダイレクションが使えます。
マイグレーション時の rsync 圧縮が設定可能に ¶
新たに真偽値の rsync.compression オプションがストレージプールに対して追加されました。
これにより、ネットワークが充分に高速でボトルネックにならず、圧縮が原因で CPU 使用率が問題となるような場合に、マイグレーション操作中の rsync 圧縮を無効にできるようになりました。
プロジェクトのネットワークで使えるアップリンクの制限 ¶
OVN ネットワーク機能を有効にしたプロジェクトを使っている場合、仮想マシンが使うアップリンクネットワークを制限できるようになりました。
アップリンクネットワークがひとつだけの場合、ユーザーが指定しなくても LXD は自動的にそのネットワークを使います。
これはプロジェクトに新たに追加された restricted.networks.uplinks オプションで行います。
新たに追加された管理 physical ネットワークタイプ ¶
新たに physical ネットワークタイプが追加されました。これは、現時点では OVN ネットワークに対するアップリンクとしてのみ使えます。設定には OVN ネットワークで使える IP アドレスのセットと、ゲートウェイ、DNS サーバが含まれています。
stgraber@castiana:~$ lxc network create external parent=eth0 ipv4.gateway=172.17.0.1/24 ipv4.ovn.ranges=172.17.0.100-172.17.0.150 dns.nameservers=1.1.1.1 --type=physical Network external created stgraber@castiana:~$ lxc network list +----------+----------+---------+----------------+---------------------------+-------------+---------+ | NAME | TYPE | MANAGED | IPV4 | IPV6 | DESCRIPTION | USED BY | +----------+----------+---------+----------------+---------------------------+-------------+---------+ | eth1 | physical | NO | | | | 0 | +----------+----------+---------+----------------+---------------------------+-------------+---------+ | external | physical | YES | | | | 0 | +----------+----------+---------+----------------+---------------------------+-------------+---------+ | lxdbr0 | bridge | YES | 10.166.11.1/24 | fd42:4c81:5770:1eaf::1/64 | | 15 | +----------+----------+---------+----------------+---------------------------+-------------+---------+ | virbr0 | bridge | NO | | | | 0 | +----------+----------+---------+----------------+---------------------------+-------------+---------+ | wlan0 | physical | NO | | | | 0 | +----------+----------+---------+----------------+---------------------------+-------------+---------+
OVN ネットワークでの外部ルーティングアドレス・サブネットのサポート ¶
新たな設定キー ipv4.routes.external と ipv6.routes.external を使って、外部の IP アドレスとサブネットを OVN ネットワーク上で実行中のインスタンスにルーティングできるようになりました。
プロジェクト設定の新たな restricted.networks.subnets キーと一緒に使用して、まずは外部の IPv4/IPv6 サブネットのセットを特定のプロジェクトに委任し、そのプロジェクト内でそれらのアドレスをインスタンスにルーティングできます。
すべての変更点(翻訳なし) ¶
このリリースでの完全な変更点のリストは次のとおりです:
- lxd/cluster: Changing "no heartbeat" language in membership.go "no heartbeat since
" changed to "no heartbeat for " - lxd/apparmor: Allow unix sockets binding
- doc/server: Fix escaping
- doc/server: Sort config keys
- lxd/backup: Adds WorkingDirPrefix constant
- lxd: backup.WorkingDirPrefix usage
- lxd/backup: Updates backupCreate to store backups in backups/instances
- lxd/backup: Updates Rename to support new backup location
- lxd/backup: Rename comment ending
- lxd/backup: Updates DoBackupDelete to handle new backup location
- lxd/backup: DoBackupDelete comment ending
- lxd/instance/backup: Updates containerBackupExportGet to support new backup location
- lxd/patches: Adds patchMoveBackupsInstances to move backups into backups/instances dir
- lxd/sys/fs: Adds backups/custom and backups/instances to initDirs()
- lxd/network/driver/ovn: Improve error message when parent 'network' option not specified
- lxd/network/network/interface: Adds Type interface and moves non-DB dependent functions into it
- lxd/network/network/load: Adds LoadByType function and removes ValidateNameAndProject function
- lxd/main/init/interactive: netType.ValidateName usage
- lxd/networks: Switch to network type validation in networksPost
- lxd/networks: Use ValidateName function on loaded DB network in networkPost
- lxd/network/network/interface: Exports FillConfig
- lxd/network/network/load: Removes FillConfig function
- lxd/networks: netType.FillConfig usage
- lxd/network/driver/common: Exports FillConfig
- lxd/network/driver/bridge: FillConfig usage
- lxd/network/driver/ovn: FillConfig usage
- lxd/network/driver/common: Removes common Type() and netType
- lxd/network: Adds Type() to each driver
- lxd/db/errors: Updates ErrAlreadyDefined text to be generic
- lxd/network/network/interface: Adds DBType function
- lxd/network/driver: Implements DBType()
- lxd/network/driver: Adds NodeSpecificConfig Info var
- lxd/networks: netType.DBType usage in networksPost
- lxd/networks: Create pending network node entries when network driver doesn't support per node config in networksPost
- lxd/networks: Comments in networksPostCluster
- lxd/networks: Comments in networkGet
- lxd/networks: Start parent networks before dependents in networkStartup
- lxd: Ensure all use of db.InstanceFilter defines instance type
- lxd/project/permissions: Fixes AllowInstanceCreation tests
- lxd/project/permissions: Error quoting
- api: Add projects_networks
- doc/storage: no need to escape underscore in bash examples
- seccomp: fix bpf support detection
- seccomp: improve bpf support detection
- shared/validate: Use ParseUint in IsNetworkMTU
- lxd/device/device/utils/network: Change argument for NetworkSetDevMTU to uint32
- lxd/device/device/utils/network: NetworkSetDevMTU usage
- lxd/network/network/utils: Changes GetDevMTU to return uint32
- lxd/network/openvswitch/ovs: Adds OVNEncapIP function
- lxd/network/driver/ovn: Removes ovnGeneveTunnelMTU constant
- lxd/network/network/utils/ovn: Removes OVNInstanceDeviceMTU function
- lxd/network/driver/ovn: Updates getBridgeMTU() to not depend on ovnGeneveTunnelMTU
- lxd/network/driver/ovn: Adds getOptimalBridgeMTU and getUnderlayInfo functions
- lxd/network/driver/ovn: Updates setup to generate an optimal bridge.mtu setting if not specified manually
- lxd/device/nic/ovn: Read mtu directly from parent network config bridge.mtu setting
- doc/projects: Sort config keys
- lxd/networks: Enforces manage-networks RBAC permission for managing networks
- lxd/network: Only adding pseudo pending node records when in cluster in networksPost
- lxd/project/permissions: Typo
- lxd/db/cluster/open: Adds features.networks to default project on new database
- lxd/storage/cephfs: Fix quota on new volumes
- lxd/networks: Allow network deletion in projects
- lxc/remote: Add project selection logic
- i18n: Update translation templates
- lxd/network: Removes client side default network type when creating network
- lxd/networks: Default to ovn network type when creating non-default network project
- lxd/network: Removes client side default network type when creating network
- lxd/networks: Default to ovn network type when creating non-default network project
- api: Adds projects_networks_restricted_uplinks extension
- doc/projects: Adds restricted.networks.uplinks
- lxd/networks: Updates doNetworkUpdate to use n.Validate so that project is available to validator
- lxd/network/network/load: Removes unused Validate
- lxd/network/network/load: Renames project arg to projectName for clarity
- lxd/api/project: Adds restricted.networks.uplinks to validation
- lxd/network/driver/ovn: Adds allowedUplinkNetworks function
- lxd/network/driver/ovn: Enforce project restricted.networks.uplinks setting
- lxd/instances: Fix ceph cluster target move
- lxd/cgroup: Fix memory.swappiness detection
- lxd/db: Adds boolean support to doDbQueryScan
- lxd/sys/fs: initDirs comment
- lxd/sys/fs: Removes backups/instances and backups/custom from pre-storage mount setup
- lxd/sys/fs: initDirs error quoting
- lxd/sys/fs: Adds initStorageDirs to be called after storage pools and daemon volumes are mounted
- lxd/sys/os: Adds InitStorage
- lxd/daemon: Call d.os.InitStorage after daemon storage volumes are mounted
- lxd/backup/instance/config: Renames InstanceConfig to Config
- lxd/backup/backup/config: Makes Config fields omitempty so custom volume's encoded yaml doesn't contain instance fields
- lxd/backup/backup/config: Adds comment to Container field explaining that VM backups use this too
- lxd/storage/pool/interface: backup.Config usage
- lxd/api/internal: backup.ParseConfigYamlFile usage
- lxd/storage/backend: backup.Config usage
- lxd/backup: Moves Instance interface into own file
- lxd/backup: Moves Info struct and GetInfo function into own file
- lxd/backup: Renames backup to backup_common
- lxd/backup/backup/common: Renames Backup to BackupCommon
- lxd/backup/backup/instance: Adds InstanceBackup using CommonBackup as basis
- lxd/backup: Changes pruneExpiredContainerBackups to use InstanceBackup.Delete() function
- lxd/instance/instance/utils: backup.InstanceBackup usage
- lxd/instance/instance/interface: backup.InstanceBackup usage
- lxd/instance/drivers: backup.InstanceBackup usage
- lxd/rbac: Avoid tight retry loop
- lxd/rbac: Directly handle re-tries on 504
- lxd/backup/backup/utils: Adds TarReader function
- lxd/backup/backup/info: Changes Type field from api.InstanceType to Type
- lxd/backup/backup/info: Updates GetInfo to use TarReader
- lxc/backup: Updates backupWriteIndex to use backup.Type
- lxd/backup/backup/info: GetInfo consistent comment endings
- lxd/backup/backup/info: Updates GetInfo to support backup.Type
- lxd/db/backups: InstanceBackup comment
- lxd/db/backups: projectName argument renaming
- lxd/db/storage/volumes: Set Snapshot: true in StorageVolumeArgs returned from GetLocalStoragePoolVolumeSnapshotsWithType
- lxd/instance: Spacing
- lxd/storage/drivers/driver/btrfs/utils: Switches to backup.TarReader
- lxd/storage/drivers/driver/btrfs: Consistent comment ending
- lxd/storage/drivers/driver/zfs/volumes: consistent comment ending
- lxd/storage/drivers/generic/vfs: Consistent comment ending
- lxd/backup/backup/info: Adds note about legacy container.bin optimized type check
- lxd/backup/backup/instance: Fix old parent directory removal in InstanceBackup.Rename()
- lxd/backup/backup/config: Adds VolumeSnapshots to Config struct
- lxd/backup/backup/info: Adds Config field to Info struct
- lxd/backup/backup/info: Adds TypeCustom backup type for custom volumes
- lxd/backup/backup/volume: Adds custom volume type
- lxd/storage/volumes/backup: Adds custom volume backup route handlers
- client/interfaces: Add custom volume backup functions
- client/interfaces: Adds StoragePoolVolumeBackupArgs struct
- client/lxd/storage/volumes: Add custom volume backup functions
- api: Adds custom_volume_backup extension
- doc/rest-api: Documents custom volume backup routes
- lxc/storage/volumes: Add import and export for custom volumes
- lxd/backup: Adds volumeBackupCreate and volumeBackupWriteIndex functions
- lxd/api/1/0: Registers custom volume backup route handlers
- lxd/db/backups: Adds StoragePoolVolumeBackup type
- lxd/db/backups: Adds custom volume backup lifecycle functions
- lxd/db/cluster: Adds storage_volumes_backups table
- lxd/db/operations/types: Adds custom volume backup operations types
- lxd/db/storage/volume/snapshots: Adds GetStorageVolumeSnapshotsNames function
- lxd/storage/backend: Adds BackupCustomVolume and CreateCustomVolumeFromBackup functions
- lxd/storage/backend/lxd: Renames custom volume backups in RenameCustomVolume
- lxd/storage/backend/lxd: Deletes custom volume backups in DeleteCustomVolume
- lxd/storage/drivers/driver/btrfs/volumes: Adds support for optimized custom volume backups
- lxd/storage/drivers/driver/dir/volumes: Adds support for custom volume backups nil post hooks
- lxd/storage/drivers/driver/zfs/volumes: Adds support for optimized custom volume backups
- lxd/storage/drivers/driver/zfs/volumes: Adds support for custom volume backups nil post hooks
- lxd/storage/drivers/generic/vfs: Adds support for custom volume backups to genericVFSBackupVolume
- lxd/storage/drivers/generic/vfs: Adds support for custom volume backups to genericVFSBackupUnpack
- lxd/storage/pool/interface: Adds BackupCustomVolume and CreateCustomVolumeFromBackup
- lxd/storage/volume: Adds createStoragePoolVolumeFromBackup and hook in storagePoolVolumesTypePost
- lxd/storage/volumes/utils: Adds storagePoolVolumeBackupLoadByName function
- shared/api/storage/pool/volume: Adds custom volume backup structs
- test/suites/backup: Adds tests for custom volume backups
- i18n: Update translation template
- i18n: Update translations from weblate
- lxc: Always use HostPathFollow
- lxd/storage/drivers/generic/vfs: Fixes custom volume root dir ownership issue in genericVFSBackupUnpack
- test/suites/backup: Use project argument in test_backup_import_with_project
- test/suites/backup: Use project argument in test_backup_export_with_project
- test/suites/backup: Use project argument in test_backup_volume_export_with_project
- test/suites/backup: Adds test for backup import into different project in test_backup_import_with_project
- test/suites/backup: Comment consistency
- test/suites/backup: Add test for custom volume import
- test/suites/backup: Add test for importing custom volume into other project
- lxd/api: Restrict access to daemon config
- lxd/storage: Allow ceph/cephfs for images/backups
- client/interfaces: Adds Name field to InstanceBackupArgs
- client/lxd/instances: Adds custom name restore support to CreateInstanceFromBackup
- lxd/instance/drivers/qmp/monitor: Adds GetBalloonSizeBytes and SetBalloonSizeBytes
- lxd/instance/drivers/driver/qemu: Adds live shrinking of memory
- lxd/devices/config/devices/utils: Adds doc block for deviceEquals and deviceEqualsDiffKeys
- lxd/device/config/devices: Comment clean up
- lxd/device/config/devices: Improves comments and variable naming in Update
- lxd/device/config/devices: Fixes bug in Update where allChangedKeys only contains changed keys from last device
- lxd/instance/drivers/driver/lxc: Whitespace
- lxd/device/config/devices: Handles nil updateFields function in Update
- lxd/instance/drivers/driver/qemu: Removes logic duplication in live update
- lxc/import: Adds optional instance name argument to lxc import command
- lxd/instances/post: Adds custom name support for backup import to createFromBackup
- lxd/instances/post: createFromBackup usage in containersPost for custom backup name restore
- lxd/api/internal: Adds AllowNameOverride to internalImportPost
- lxd/api/internal: Override instance name in internalImport when AllowNameOverride is set
- client/interfaces: Adds Name field to StoragePoolVolumeBackupArgs to bring in line with InstanceBackupArgs
- client/lxd/storage/volumes: Updates CreateStoragePoolVolumeFromBackup to accept volume name override via X-LXD-name header
- lxc/storage/volume: Adds optional volume name argument to lxc storage volume import
- lxd/storage/volumes: Adds volName arg to createStoragePoolVolumeFromBackup
- lxd/storage/volumes: createStoragePoolVolumeFromBackup usage in storagePoolVolumesTypePost
- lxd/storage/backend/lxd: Updates CreateCustomVolumeFromBackup to support custom volume import name
- api: Adds backup_override_name extension
- test/suites/backup: Adds tests for custom volume import name override
- test/suites/backup: Adds instance import name override tests
- i18n: Update translation template
- doc/networks: Simplifies OVN single node setup instructions
- lxd/device/nic/ovn: Improves error message in Start
- lxd/network/driver/ovn: Implements DHCPv4Subnet and DHCPv6Subnet to allow static IPs to be set
- lxd/network/openvswitch/ovn: Fix spelling of OVNIPv6AddressModeDHCPStateful and OVNIPv6AddressModeDHCPStateless values
- lxd/network/driver/ovn: Adds support for ipv6.dhcp.stateful
- doc/networks: Documents ipv6.dhcp.stateful option for OVN networks
- shared/api: Not all disks have a device path
- lxd/resources: Ignore rbd devices
- shared/simplestreams: Fix stream's index download url
- lxd/device/device/interface: Adds NICState interface for getting NIC state
- lxd/device/nic/bridged: Implements NICState interface by adding State function
- lxd/instance/drivers/driver/qemu: Refactors RenderState to support multiple NIC types in the future
- lxd/network/openvswitch/ovn: Adds LogicalSwitchPortDynamicIPs function
- lxd/network/openvswitch/ovn: Updates LogicalSwitchPortSetDNS to use LogicalSwitchPortDynamicIPs
- lxd/network/driver/ovn: Adds instanceDevicePortDynamicIPs function
- lxd/network/network/utils/ovn: Adds OVNInstanceDevicePortDynamicIPs function
- lxd/device/nic/ovn: Implements NICState interface by adding State function
- lxd/instance/drivers/qmp/monitor: Renames GetMemoryBalloonSizeBytes
- lxd/instance/drivers/qmp/monitor: Renames SetMemoryBalloonSizeBytes
- lxd/instance/drivers/qmp/monitor: Adds GetMemorySizeBytes function
- lxd/instance/drivers/driver/qemu: Adds qemuDefaultMemSize constant
- lxd/instance/drivers/driver/qemu: Updates updateMemoryLimit to allow memory resize back to boot time size
- lxd/instance/drivers/driver/qemu: Updates IsRunning to not check for BROKEN state
- lxd/instance/drivers/driver/qemu: Updates statusCode() to detect if monitor failure with running VM
- lxd/apparmor: Allow access to zoneinfo files
- lxd/apparmor: Add /etc/localtime to the list
- lxd/project: Always allow cloud-init:config drives
- doc/image-handling: Cover publishing
- lxd/network/network/utils: Adds GetNeighbourIPs function
- lxd/network/network/utils: Updates GetLeaseAddresses to return only net.IP list
- lxd/device/nic/bridged: Updates State() to return partial data
- refuse empty passwords
- lxd/storage: Adds rsync.compression config key
- doc: Adds rsync.compression
- api: storage_rsync_compression
- tests: Valid rsync.compression
- doc/index: Add libsqlite3-dev back to dependencies
- lxd/firewall/drivers/driver/nftables: Updates nft parser to handle nft sets with composite
typefield - shared/validate/validate: Increases max MTU to 16384 to support super jumbo packets
- lxd/apparmor/forkproxy: Fix bad profile name
- lxd/apparmor/forkproxy: Allow writing to log path
- lxc: Better handle copy/move between projects
- lxd/apparmor: Fix version parsing
- lxd/dnsmasq: Switch to Parse for version parsing
- lxd/firewall/drivers: Fix to Parse for version parsing
- lxd/rsync: Switch to Parse for version parsing
- shared/version: Make patch optional
- lxd/networks: Log error in doNetworksCreate after failed create if cleanup fails too
- lxd/network/driver: Improve missing parent network error message
- lxd/network/driver/ovn: Moves uplink type agnostic parent port allocation logic into allocateParentPortIPs()
- lxd/network/driver/ovn: Better error messages
- lxd/network/driver/ovn: Moves parent port lock into deleteParentPort
- lxd/network/driver/ovn: Moves parent port lock into startParentPort
- lxd/network/driver/ovn: deleteParentPortBridge comments
- lxd/network/driver/ovn: Don't setup SNAT if no external uplink IPs
- lxd/network/driver/ovn: Makes setting up external router port and switch conditional on having external IPs
- lxd/network/driver/ovn: Removes old comment
- lxd/network/driver/ovn: Fix sentence in startParentPortBridge error
- lxd/network/driver/ovn: Fixes error message in setupParentPortBridge
- lxd/network/network/utils: Moves bridge related functions into own file
- static_analysis: exclude vendored headers from spell checking
- static_analysis: exclude .git
- shift_linux: vendor posix_acl_xattr.h
- seccomp: vendor bpf headers
- shares/validate: Whitespace
- lxd/network/openvswitch/ovn: Updates RecursiveDNSServer to be list of IPs
- lxd/network/driver/ovn: Updates allocateParentPortIPs to detect the parent network IP address and DNS settings
- lxd/network/driver/ovn: Updates n.allocateParentPortIPs usage
- lxd/network/driver/ovn: Updates setup IPv6 RDNSS setting
- lxd/apparmor/forkproxy: Socket path fixes
- lxd/images: Fix crash when no "info" struct
- doc/networks: Clarifies use of ovn ranges settings in bridge network
- lxd/util/net: Updates SysctlSet to support setting multiple keys
- shared/validate: Adds IsNetworkAddressList function
- lxd/network/network/utils: Adds VLANInterfaceCreate function
- lxd/device/device/utils/network: network.VLANInterfaceCreate usage
- lxd/device/device/utils/network: Removes NetworkRemoveInterface function
- lxd/network/network/utils: Adds InterfaceRemove and InterfaceExists functions
- lxd/network/network/utils: InterfaceExists usage
- lxd/device/device/utils/network: network.InterfaceRemove usage
- lxd/device/nic: network.InterfaceRemove usage
- lxd/network/driver/bridge: InterfaceExists usage
- lxd/network/driver/ovn: InterfaceExists usage
- lxd/network/network/utils: Adds InterfaceSetMTU function
- lxd/device: network.InterfaceSetMTU usage
- lxd/network/driver/ovn: Inherit MTU from uplink bridge for OVS bridge and connecting veth pair
- lxd/network/driver/ovn: Remove dependency on sysctl command and use util.SysctlSet instead
- lxd/network/driver: Improves comments
- api: Adds network_type_physical extension
- doc/networks: Adds docs for physical network type
- lxd/db/networks: Adds physical network type constant
- lxd/network/driver/physical: Adds physical driver
- lxd/network/driver/ovn: Adds support for physical network as uplink
- lxd/network/driver/physical: Change checkParentUse to return a bool if in use
- lxd/network/driver/ovn: Changes uplink network in use check to look at LXD DB
- lxd/network/driver/ovn: Handle uplink network changing
- lxd/network/driver/ovn: Comment clarity
- lxd/storage/pools: Gives clear error message when trying to create duplicate storage pool in single node
- lxd/events: Validate type
- lxd/events: Prevent logging access to non-admin
- lxd/daemon: Clean shutdown on SIGPWR/SIGTERM
- lxd/operations: Don't directly trigger shutdown
- lxd: Prevent internal cluster migration of instances with backups
- lxd/instance/drivers: Enable USB for VMs
- lxd/instance/drivers: Add USB controller to QEMU config
- lxd/apparmor: Fix devPaths in QEMU profile
- db: Retry transient errors for longer
- db: Always retry driver.ErrBusy, regardless of the error message
- db: Retry failed rollbacks if they are due to transient errors
- db: Explicitly rollback leftover transactions when a new one can't be started
- db: Retry to begin a new transaction after an explicit rollback attempt
- lxd/operations: Fix timeout
- lxd/daemon: Allow more operations during shutdown
- lxd/include: Relocate ifndef for NEWCGROUP
- doc: Remove stray _ escapes in security.md
- lxc-to-lxd: Handle snap better
- lxd/device/usb: Allow USB devices for VMs
- lxd/device: Add bus and dev number to USBEvent
- lxd/apparmor: Allow USB specific paths
- lxd/device/config: Add USBDevice to RunConfig
- lxd/events: Handle default permissions in projects
- lxd/dnsmasq: Adds 100ms sleep to successful Kill() to allow sockets to be released by OS
- lxd/instance/drivers/driver/qemu: Restores ability to resize VM disks
- lxd/device/disk: Adds comment about VM instances depending on CanHotPlug fields for stopped disk resize
- lxd/instance/qemu: Fix bad event name
- lxd/storage: Check base image is available locally
- lxd/storage/drivers/driver/lvm: Don't remove empty thinpool and volume group if lvm.vg.force_reuse enabled
- shared/validate/validate: Removes inaccurate comments about optional values
- shared/validate/validate: Adds IsNetwork and IsNetworkList functions
- shared/validate/validate: Re-orders IP validation functions
- lxd/device/nic/ovn: Comment
- doc/api-extensions: Removes mention of "parent" from projects_networks_restricted_uplinks feature
- doc/networks: Switch to "uplink" terminology for external OVN network access
- lxd/network/driver/ovn: Replace parent terminology with uplink
- lxd/network/driver/common: Ban : char from network names in ValidateName()
- lxd/device: Handle USB devices for VMs
- lxd/instance/drivers: Add qemuUSBDev template
- lxd/instance/drivers: Add USB devices to qemu config
- Revert "lxd/instance/drivers: Enable USB for VMs"
- lxd/driver/qemu: Add spice usb ports
- lxd-agent: Fix defer in for loop
- forksyscall: use correct function
- shared/util.go: use string method with stdout and stderr
- simplestreams.go: remove unneeded fmt.Sprintf and simplify getImages()
- lxd/instance/drivers: Updates templateApplyNow to close files at end of each iteration
- lxd/network/network/utils: Adds SubnetContains function
- lxd/network/network/utils: Adds SubnetIterate function
- lxd/network/network/utils: Adds SubnetParseAppend function
- api: Adds network_ovn_external_subnets extension
- doc/networks: Adds ipv4.routes and ipv6.routes settings to physical network
- lxd/network/driver/physical: Adds ipv4.routes and ipv6.routes config keys
- doc/projects: Removes trailing full stop
- doc/projects: Adds restricted.networks.subnets
- lxd/api/project: Adds restricted.networks.subnets config key
- lxd/api/project: Moves projectConfigKeys inside projectValidateConfig and adds state
- lxd/api/project: projectValidateConfig usage
- lxd/api/project: Adds projectValidateRestrictedSubnets function
- lxd/api/project: Adds restricted.networks.subnets validation to projectValidateConfig
- doc/networks: Adds ipv4.routes.external and ipv6.routes.external to ovn networks
- lxd/network/openvswitch/ovn: Adds LogicalRouterRouteDelete function
- lxd/network/openvswitch/ovn: Updates LogicalSwitchPortSetDNS to return IPs used for DNS records
- lxd/network/openvswitch/ovn: Adds LogicalRouterDNATSNATAdd function
- lxd/network/openvswitch/ovn: Adds LogicalRouterDNATSNATDelete function
- lxd/network/openvswitch/ovn: Updates LogicalRouterRouteAdd to support mayExist argument
- lxd/network/network/utils/ovn: Updates OVNInstanceDevicePortAdd to take an externalRoutes argument
- lxd/network/network/utils/ovn: Updates OVNInstanceDevicePortDelete to accept an externalRoutes argument
- lxd/network/driver/ovn: Moves uplink network validation into validateUplinkNetwork function
- lxd/network/driver/ovn: Updates Validate to check network exists and checks external IP routes
- lxd/network/driver/ovn: Adds DNS revert to instanceDevicePortAdd
- lxd/network/driver/ovn: client.LogicalRouterRouteAdd usage
- lxd/network/driver/ovn: Adds externalRoutes support to instanceDevicePortAdd
- lxd/network/driver/ovn: Delete externalRoutes in instanceDevicePortDelete
- forkmount: improve
- seccomp: improve logging for the seccomp notifier
- seccomp: make sure that insertMountLXD() doesn't call into LXC
- lxd/device/nic: Adds ipv4.routes.external and ipv6.routes.external to nicValidationRules
- lxd/device/nic/ovn: Adds support for ipv4.routes.external and ipv6.routes.external
- doc/instances: Adds ovn NIC documentation
- doc/instances: Re-works NIC device docs to explain nictype and network fields
- lxd/network/driver/ovn: Adds support for OVN NIC internal routes
- lxd/network/network/utils/ovn: Adds OVN NIC internal route support to OVNInstanceDevicePortAdd and OVNInstanceDevicePortDelete
- lxd/device/nic/ovn: Adds ipv4.routes and ipv6.routes settings for internal route support
- lxd/network/driver/bridge: Fixes inconsistency between normal bridge and fan bridge default ipv4.nat value
- api: Adds network_ovn_nat extension
- doc/networks: Adds ipv4.nat and ipv6.nat to OVN networks
- lxd/network/driver/ovn: Adds ipv4.nat and ipv6.nat support
- lxd/patches: Adds patchNetworkOVNEnableNAT patch to enable NAT on OVN networks
- i18n: Update translations from weblate
試用環境 ¶
この新しい LXD リリースは私たちの デモサービス で利用できます。
ダウンロード ¶
このリリースの tarball は ダウンロードページ から取得できます。
ビルド済みバイナリーは次のように使えます:
- Linux: snap install lxd
- MacOS: brew install lxc
- Windows: choco install lxc
LXD 4.6 リリースのお知らせ¶
18th of September 2020
はじめに ¶
LXD チームは LXD 4.6 のリリースをお知らせできることにとてもワクワクしています!
このリリースは短い開発サイクルでしたが、それでもかなり忙しいリリースでした。
このリリースのハイライトは、LXD プロジェクト内にネットワークを置くことができるようになったことに間違いありません。これで共有 LXD 環境内に自前のネットワークが作成できるようになりました。
Enjoy!
新機能とハイライト ¶
プロジェクト内のネットワーク ¶
OVN ネットワークに関するこれまでの作業をもとに、プロジェクト内に新たに features.networks が設定できるようになりました。これによりプロジェクトは OVN ベースで、他のプロジェクトから見えない自身のネットワークを持てるようになりました。
stgraber@castiana:~$ lxc network list +---------+------+---------+-----------------+---------------------------+-------------------------------------+---------+---------+ | NAME | TYPE | MANAGED | IPV4 | IPV6 | DESCRIPTION | USED BY | STATE | +---------+------+---------+-----------------+---------------------------+-------------------------------------+---------+---------+ | default | ovn | YES | 10.187.181.1/24 | fd42:bb2b:e7d1:f3ba::1/64 | Default OVN network for the project | 3 | CREATED | +---------+------+---------+-----------------+---------------------------+-------------------------------------+---------+---------+
この機能を有効にすると、ホストインタフェースと OVN 以外のネットワークは見えなくなり、プロジェクトが直接所有するネットワークだけが残ります。
qemu 用の AppArmor プロファイル ¶
過去のリリースでの色々なサブプロセスに対する AppArmor プロファイルの生成に加えて、このリリースでは LXD 仮想マシンで使う qemu の制約が設定されるようになりました。
このリリースで raw.apparmor を仮想マシンに導入します。これは raw.qemu と同時に使われるときのみ有効です。通常の LXD 設定オプションは LXD が生成したプロファイルによって処理されます(そうでなければバグです)。
Dqlite の変更 ¶
LXD 4.5 をリリースした直後に、dqlite に大きな変更が加えられました。
ファイルシステムへの書き込みをインターセプトして、他のノードへのレプリケーションを行うためのフックを追加した sqlite3 のフォークに頼るのでなく、標準の sqlite3 から VFS アクセスを取得するこれまでとは異なるアプローチを使用するようになりました。
これはユーザーからは見えませんが、カスタムの sqlite3 と libco というふたつの依存関係を削除することで、パッケージを作成する際の助けになるでしょう。
dqlite を使う LXD は、標準の sqlite3 3.25 以上を使えるようになりました。
すべての変更点(翻訳なし) ¶
このリリースでの完全な変更点のリストは次のとおりです:
- shared/log15: Fix due to recent unix change
- Handle signals in non-interactive sessions.
- Fix hang when control is not provided in non-interactive mode.
- lxd/db/cluster: Fix incorrect storage volume node IDs
- lxd/db/cluster: Fix node id nil values
- lxd/storage/volumes: Only apply config changes when restoring snapshot if non-nil config is supplied
- lxd/network/driver/bridge: Exclude /32 underlay addresses from overlay address generation
- lxd/network/driver/ovn: Removes unnecessary dnsmasq logic in deleteParentPortBridge
- lxd/device/device/utils/network: Removes networkRandomDevName
- lxd/network/network/utils: Adds RandomDevName function
- lxd/device: network.RandomDevName usage
- lxd/network: Adds Description function
- api: Adds network_bridge_ovn_bridge API extension
- lxd/network/driver/ovn: Updates parentPortBridgeVars to use ovn.ovs_bridge from parent network
- lxd/network/driver/bridge: Adds ovn.ovs_bridge config key for OVN networks using bridge as parent
- doc/api: Removes underscore escaping when used inside backticks
- doc/networks: Adds ovn.ovs_bridge key to bridge networks
- lxd/instance/drivers: Fixes crash when removing device that can't be loaded
- lxd/db/cluster: Adds networks to project usage view
- lxc/storage_volume: Fix usage string
- po: Update translations
- lxd/network/driver/ovn: Add and delete local chassis ID to HA chassis group on start/stop
- lxd/network/openvswitch/ovn: Adds ChassisGroupChassisDelete function
- lxd/network/driver/ovn: Adds ovn.name setting to store OVN logical network name
- doc/networks: Adds ovn.name to OVN network doc
- api: Adds network_ovn_name API extension
- lxd/drivers/qemu: Use gic-version=max on aarch64
- seccomp: fix compilation on kernels without proper bpf.h
- lxc/config: Update wording for profile/config
- i18n: Update translation templates
- lxc/export: Support writing to stdout
- Drop custom SQLite and libco
- validate: Consider + as unsafe in URL
- lxd/instance/snapshots: Restrict naming
- db: Handle NULL storage_volume description column in patch 34
- lxd/storage/drivers/utils: Corrects argument order of mkfs in makeFSType for wider compatibility
- Revert "api: Adds network_ovn_name API extension"
- Revert "doc/networks: Adds ovn.name to OVN network doc"
- Revert "lxd/network/driver/ovn: Adds ovn.name setting to store OVN logical network name"
- Revert "doc/networks: Adds ovn.ovs_bridge key to bridge networks"
- Revert "lxd/network/driver/bridge: Adds ovn.ovs_bridge config key for OVN networks using bridge as parent"
- Revert "lxd/network/driver/ovn: Updates parentPortBridgeVars to use ovn.ovs_bridge from parent network"
- lxd/network/driver/ovn: Removes unused import
- lxd/network/driver/ovn: Removes unnecessary network ID lookup
- lxd/api/cluster: Start networks after cluster join
- lxd/networks: Only call n.Start() during doNetworksCreate if client type isn't joiner
- lxd/network/driver/ovn: Adds pause between chassis group entry deletion and uplink port removal
- lxd/network/driver/ovn: parentPortBridgeVars whitespace
- Revert "api: Adds network_bridge_ovn_bridge API extension"
- lxd/db/cluster/update: Adds features.networks to default project
- lxd/project: Adds NetworkProject function
- lxd/db/networks: Updates networkState and usage to support projects
- lxd/db/networks: Updates getNetwork and usage to support projects
- lxd/network/network/utils: Updates IsInUseByInstance to translate instance's project to a network project
- lxd/network/network/utils: Updates isInUseByDevices to support projects
- lxd/network/network/utils: Updates IsInUseByProfile to accept a db.Profile rather than api.Profile
- lxd/network/network/utils: Updates UpdateDNSMasqStatic to use default project
- lxd/network/network/utils: Updates GetLeaseAddresses to use default project
- lxd/network/network/utils: Adds UsedBy function and unexports related functions not used elsewhere
- lxd/db/networks: Updates GetNonPendingNetworks to return a map of project networks
- lxd/network/driver/ovn: Updates parentAllAllocatedIPs to use update GetNonPendingNetworks
- lxd/network/network/utils: Adds network usage by other networks detection in UsedBy
- lxd/network/driver/common: Updates IsUsed to use UsedBy
- lxd/network/driver/bridge: Adds existing interface check as Create function
- lxd/network/driver/bridge: Push down interface name conflict check to Rename
- lxd/network/driver: Removes duplicated "in use" check that is now done at top level
- lxd/profiles/utils: Renames project arg to projectName in doProfileUpdate
- lxd/profiles: Updates usage of ValidDevices in profilesPost
- lxd/patches: Updates to support network projects
- lxd/networks/utils: Removes networkGetInterfaces function
- lxd/networks/utils: Updates networkUpdateForkdnsServersTask to support projects
- lxd/networks: Updates networkPost validation
- lxd/networks: Updates networksGet to support projects
- lxd/networks: Updates networksPost to support projects
- lxd/networks: Updates networksPostCluster to support projects
- lxd/networks: Updates doNetworksCreate to support projects
- lxd/networks: Updates networkGet to support projects
- lxd/networks: Updates doNetworkGet to support projects and to use network.UsedBy
- lxd/networks: Updates networkDelete to support projects
- lxd/networks: Updates networkPost to support projects
- lxc/networks: Updates networkPut to support projects
- lxd/networks: Updates doNetworkUpdate to support projects
- lxd/networks: Updates networkLeasesGet to support network projects
- lxd/networks: Updates networkStartup and networkShutdown to load networks from all projects
- lxd/network/network/load: Updates load functions to support projects
- lxd/network/network/interface: Adds project name to init function
- lxd/network/driver/common: Adds project support
- lxd/network/driver/ovn: Load parent network from default project
- lxd/device/nictype: Adds conversion of device project to network project for NICType validation
- lxd/instance/instance/utils: Project name is needed to validate instance devices
- lxd/instance: instance.ValidDevices project argument usage
- lxd/instance/drivers/driver/lxc: instance.ValidDevices project usage
- lxd/instance/drivers/driver/lxc: Error quoting
- lxc/instance/drivers/driver/lxc: nictype.NICType project usage
- lxd/instance/drivers/driver/qemu: instance.ValidDevices project usage
- lxd/instance/drivers/driver/qemu: nictype.NICType project usage
- lxd/instance/drivers/load: Adds project support to validDevices
- lxd/device/device/load: Adds project support to load function
- lxd/device/device/utils/network: Use default project for veth route functions
- lxd/device/nic/bridged: Use default project for bridge networks
- lxd/device/nic/macvlan: Use default project for macvlan networks
- lxd/device/nic/ovn: Load parent network's project from instance's project
- lxd/device/nic/sriov: Use default project for parent network
- lxd/device/proxy: NICType project usage
- lxd/network/driver/common: Send project when notifying nodes of network changes
- lxd/networks: Send project when creating network on remote node
- lxd/db/migration/test: Add network project support
- lxd/cluster/membership/test: Add network project support
- lxd/api/cluster: Uses default project for networks during cluster join
- lxd/networks: Updates networksPostCluster to use tx.GetNetworkID with project
- lxd/db/networks: Adds project support to CreatePendingNetwork
- lxd/db/networks: Adds project support to GetNetworkID
- lxd/db/networks/test: Updates GetNetworkID usage with project
- shift_linux: tweak ACL handling
- tar_write: switch to PAXRecords to preserve ACLs too
- doc/projects: Adds features.networks
- lxc/project: Adds features.networks to project list output
- lxd/api/project: Adds features.networks support but does not enable by default
- lxd/init: Updates initDataNodeApply to return a revert function
- lxd/main/init: Updates Run to use revert
- lxd/api/cluster: Adds project support for networks
- lxd/api/cluster: Updates clusterPutJoin to use revert
- lxd/api/cluster: Updates clusterInitMember to return a revert function
- lxd/api/cluster: Logging quoting
- lxd/api/cluster: clusterPutJoin project support
- lxd/api/cluster: clusterInitMember project support
- lxd/api/cluster: Adds NetworksPost to internalClusterPostNetwork
- lxd/api/cluster: Checks network types match in clusterCheckNetworksMatch
- lxd/init: Adds internalClusterPostNetwork to initDataNode
- lxd/init: initDataNodeApply project support
- lxd/init: initDataNodeApply comment consistency
- lxd/main/init/auto: Updates RunAuto to send internalClusterPostNetwork
- lxd/main/init/dump: Updates RunDump to use internalClusterPostNetwork
- lxd/main/init/interactive: Updates RunInteractive to use internalClusterPostNetwork
- lxd/main/init/interactive: Updates askNetworking to use internalClusterPostNetwork
- lxd/network: Adds Info struct and function
- lxd/network/network/load: Renames ValidateName to ValidateNameAndProject
- lxd/network/driver/ovn: Adds Info function
- lxd: network.ValidateNameAndProject usage
- lxd/network/driver/ovn: deleteParentPort fixed to allow deletion of network with no parent
- lxd/project: Updates NetworkProject to return project config
- doc/project: Adds limits.networks setting
- lxd/api/project: Adds limits.networks setting
- lxd/networks: Enforces limits.networks in networksPost
- lxd: project.NetworkProject usage
- lxd/networks: Don't allow non-default network projects to access info about the physical interfaces in doNetworkGet
- lxd/api/cluster: Create or update local node projects to sync with cluster in clusterInitMember
- i18n: Update translation templates
- shift_linux: handle ACL unshifting correctly
- shift_linux: handle capability unshifting correctly
- shift_linux: converty to CBytes not to CString
- lxc/utils: Add usage function
- lxc: Drop command name from translation
- i18n: Update translation template
- shared/subprocess: Set err on non-zero
- lxd/instances/qemu: Use subprocess
- lxd/instance: Add DevPaths
- lxd/apparmor: Fix unload/delete
- lxd/apparmor/instance: Sort context
- lxd/apparmor: Prepare for qemu
- lxd/apparmor: Add qemu profile
- lxd/instance/drivers/driver/qemu: Switch to threads locking mode and writeback cache mode for BTRFS
- doc/instance: raw.apparmor now implemented for VM
- lxd/apparmor: Tweak qemu profile for non-snap
- shared/idmap/shift/linux: Handle nil IdmapSet in UnshiftACL and UnshiftCaps
- shared/instancewriter/instance/tar/writer: Handle nil idmapSet and log shifting errors in WriteFile
- lxc: Better handle arguments
- lxc: Unbundle sortorder
- lxd/util/sys: Fixes GetExecPath when lxd binary has been removed/changed
- lxd/db/images: Error message uppercase first letter
- i18n: Update translations from weblate
- lxd/instance: Adds instanceImageTransfer and updates instanceCreateFromImage to use it
- lxd/daemon/images: Error quoting
- lxd/daemon/image: Adds logic to download image from another cluster node into ImageDownload
- lxd/db/images/test: Fixes tests for LocateImage
- test/suites/clustering: Adds test for image transfer between cluster nodes
- bash-completion: use "list --format=csv" consistently
- bash-completion: use regex grouping for
lxc start - lxd/instance/qemu: Fix mem device naming
- proxy bind= should accept host|instance as the doc says
- Valid proxy type= values are all lower case so fix doc
- s/descriptros/descriptors/
- Revert "lxd/network/driver/bridge: Exclude /32 underlay addresses from overlay address generation"
- lxd/network/driver/bridge: Skip lo interface when generating fan overlay address in addressForSubnet
試用環境 ¶
この新しい LXD リリースは私たちの デモサービス で利用できます。
ダウンロード ¶
このリリースの tarball は ダウンロードページ から取得できます。
ビルド済みバイナリーは次のように使えます:
- Linux: snap install lxd
- MacOS: brew install lxc
- Windows: choco install lxc
LXD 4.5 リリースのお知らせ¶
29th of August 2020
はじめに ¶
LXD チームは LXD 4.5 のリリースをお知らせできることにとてもワクワクしています!
これは LXD の非常に忙しいリリースです。主なハイライトは、ネットワークオプションに OVN が加わったことであることは間違いありません。
さらに、bpf システムコールのインターセプトと pts デバイスの新たな割り当てロジックという、コンテナサポートで歓迎すべき改良がいくつか加わりました。
最後に、リモートストレージの改良と新しい AppArmor プロファイルに対する改良による、セキュリティとクラスタリングに対する素晴らしい改良が行われました。
Enjoy!
新機能とハイライト ¶
OVN 仮想ネットワークの初期サポート ¶
LXD 4.5 には OVN 仮想ネットワークのサポートが含まれます。
これは通常の LXD が管理するネットワークとして定義でき、これまでのブリッジと非常に似ています。しかし、クラスターノードをまたぐことができますし、サブネットが重複したり競合したりできます。
これは OVN を使って実現されています。そして、次の LXD リリースでは LXD プロジェクト内部のネットワークの基礎となります。LXD の OVN ネットワークは、親となる管理されたネットワークが必要です。現状では管理されたブリッジのみがサポートされます(SR-IOV と macvlan は 4.6 で対応予定)。
現時点では、ホスト上で OVN と Open vSwitch がセットアップされていれば、LXD で仮想ネットワークを作成できますし、通常のブリッジに対する方法と同じようにインスタンスに接続できます。
(4.5 の snap を使った Ubuntu 20.04 LTS での実行例です)
root@nuc01:~# apt install ovn-host ovn-central --yes [snip] root@nuc01:~# snap install lxd --channel=latest/candidate lxd (candidate) 4.5 from Canonical✓ installed root@nuc01:~# ovs-vsctl set open_vswitch . \ > external_ids:ovn-remote=unix:/var/run/ovn/ovnsb_db.sock \ > external_ids:ovn-encap-type=geneve \ > external_ids:ovn-encap-ip=172.17.16.139 root@nuc01:~# lxd init --auto root@nuc01:~# lxc network list +--------+----------+---------+----------------+---------------------------+-------------+---------+ | NAME | TYPE | MANAGED | IPV4 | IPV6 | DESCRIPTION | USED BY | +--------+----------+---------+----------------+---------------------------+-------------+---------+ | br0 | bridge | NO | | | | 0 | +--------+----------+---------+----------------+---------------------------+-------------+---------+ | br-int | bridge | NO | | | | 0 | +--------+----------+---------+----------------+---------------------------+-------------+---------+ | eno1 | physical | NO | | | | 0 | +--------+----------+---------+----------------+---------------------------+-------------+---------+ | lxdbr0 | bridge | YES | 10.19.114.1/24 | fd42:56de:74c7:40f5::1/64 | | 1 | +--------+----------+---------+----------------+---------------------------+-------------+---------+ root@nuc01:~# lxc network set lxdbr0 ipv4.dhcp.ranges=10.19.114.2-10.19.114.199 root@nuc01:~# lxc network set lxdbr0 ipv4.ovn.ranges=10.19.114.200-10.19.114.254 root@nuc01:~# lxc network set lxdbr0 ipv6.ovn.ranges=fd42:56de:74c7:40f5::200-fd42:56de:74c7:40f5::254 root@nuc01:~# lxc network create my-virtual-01 network=lxdbr0 --type=ovn Network my-virtual-01 created root@nuc01:~# lxc network create my-virtual-02 network=lxdbr0 --type=ovn Network my-virtual-02 created root@nuc01:~# lxc network list +---------------+----------+---------+-----------------+---------------------------+-------------+---------+ | NAME | TYPE | MANAGED | IPV4 | IPV6 | DESCRIPTION | USED BY | +---------------+----------+---------+-----------------+---------------------------+-------------+---------+ | br0 | bridge | NO | | | | 0 | +---------------+----------+---------+-----------------+---------------------------+-------------+---------+ | br-int | bridge | NO | | | | 0 | +---------------+----------+---------+-----------------+---------------------------+-------------+---------+ | eno1 | physical | NO | | | | 0 | +---------------+----------+---------+-----------------+---------------------------+-------------+---------+ | lxdbr0 | bridge | YES | 10.19.114.1/24 | fd42:56de:74c7:40f5::1/64 | | 1 | +---------------+----------+---------+-----------------+---------------------------+-------------+---------+ | lxdovn1 | bridge | NO | | | | 0 | +---------------+----------+---------+-----------------+---------------------------+-------------+---------+ | my-virtual-01 | ovn | YES | 10.178.251.1/24 | fd42:39c7:797c:7977::1/64 | | 0 | +---------------+----------+---------+-----------------+---------------------------+-------------+---------+ | my-virtual-02 | ovn | YES | 10.82.211.1/24 | fd42:5045:b316:b251::1/64 | | 0 | +---------------+----------+---------+-----------------+---------------------------+-------------+---------+ root@nuc01:~# lxc network create my-virtual-03 network=lxdbr0 ipv4.address=10.82.211.1/24 ipv6.address=fd42:5045:b316:b251::1/64 --type=ovn Network my-virtual-03 created root@nuc01:~# lxc network list +---------------+----------+---------+-----------------+---------------------------+-------------+---------+ | NAME | TYPE | MANAGED | IPV4 | IPV6 | DESCRIPTION | USED BY | +---------------+----------+---------+-----------------+---------------------------+-------------+---------+ | br0 | bridge | NO | | | | 0 | +---------------+----------+---------+-----------------+---------------------------+-------------+---------+ | br-int | bridge | NO | | | | 0 | +---------------+----------+---------+-----------------+---------------------------+-------------+---------+ | eno1 | physical | NO | | | | 0 | +---------------+----------+---------+-----------------+---------------------------+-------------+---------+ | lxdbr0 | bridge | YES | 10.19.114.1/24 | fd42:56de:74c7:40f5::1/64 | | 1 | +---------------+----------+---------+-----------------+---------------------------+-------------+---------+ | lxdovn1 | bridge | NO | | | | 0 | +---------------+----------+---------+-----------------+---------------------------+-------------+---------+ | my-virtual-01 | ovn | YES | 10.178.251.1/24 | fd42:39c7:797c:7977::1/64 | | 0 | +---------------+----------+---------+-----------------+---------------------------+-------------+---------+ | my-virtual-02 | ovn | YES | 10.82.211.1/24 | fd42:5045:b316:b251::1/64 | | 0 | +---------------+----------+---------+-----------------+---------------------------+-------------+---------+ | my-virtual-03 | ovn | YES | 10.82.211.1/24 | fd42:5045:b316:b251::1/64 | | 0 | +---------------+----------+---------+-----------------+---------------------------+-------------+---------+
このセットアップでは、3 つの OVN ネットワークが存在します。そのうち 2 つは意図的に全く同じ IPv4/IPv6 サブネットを共有しており、分離された状態を見ることができます。
root@nuc01:~# lxc init images:ubuntu/20.04 u1 Creating u1 root@nuc01:~# lxc init images:ubuntu/20.04 u2 Creating u2 root@nuc01:~# lxc init images:ubuntu/20.04 u3 Creating u3 root@nuc01:~# lxc config device add u1 eth0 nic name=eth0 network=my-virtual-01 Device eth0 added to u1 root@nuc01:~# lxc config device add u2 eth0 nic name=eth0 network=my-virtual-02 Device eth0 added to u2 root@nuc01:~# lxc config device add u3 eth0 nic name=eth0 network=my-virtual-03 Device eth0 added to u3 root@nuc01:~# lxc start u1 u2 u3 root@nuc01:~# lxc list +------+---------+---------------------+-----------------------------------------------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +------+---------+---------------------+-----------------------------------------------+-----------+-----------+ | u1 | RUNNING | 10.178.251.2 (eth0) | fd42:39c7:797c:7977:216:3eff:fe3a:6498 (eth0) | CONTAINER | 0 | +------+---------+---------------------+-----------------------------------------------+-----------+-----------+ | u2 | RUNNING | 10.82.211.2 (eth0) | fd42:5045:b316:b251:216:3eff:fe7d:7826 (eth0) | CONTAINER | 0 | +------+---------+---------------------+-----------------------------------------------+-----------+-----------+ | u3 | RUNNING | 10.82.211.2 (eth0) | fd42:5045:b316:b251:216:3eff:fe9d:52af (eth0) | CONTAINER | 0 | +------+---------+---------------------+-----------------------------------------------+-----------+-----------+
bpf システムコールインターセプションの初期実装 ¶
bpf システムコールに対するシステムコールインターセプションを有効化できるようになりました。これはコンテナの security.syscalls.intercept.bpf を使ってコントロールできます。
この機能を有効にした場合、特定のタイプの bpf プログラムを有効にしなければなりません。現時点では、security.syscalls.intercept.bpf.devices のみをサポートします。この機能は、device cgroup に紐付けられたプログラムをコンテナ内から読み込めるようにしています。
警告: 実際のプログラムで行われるバリデーションは、ホストからの明確な DoS を避けるための単純なサイズチェックのみです。この機能を有効にしたコンテナでは、かなり複雑な bpf プログラムをロードできます。そしてコンテナのスコープ外の情報を取得する可能性があります。信用できないコンテナに対しては許可するべきではありません。
ネイティブなターミナルデバイスの割り当てのサポート ¶
これまで、lxc exec のような操作のためのデバイス割り当てはホストシステムの devpts を通して行われていました。これは、コンテナのファイルシステムにアクセスしたり、ユーザーがコンテナ内の /dev/pts を何か悪意のあるものでマスクしたりすることを防ぐためのセキュリティの手段として行われていました。しかし、このアプローチには問題があります。コンテナ内部で見える制御デバイスは(外部に属するため)解決できないからです。
カーネルと LXC の作業で、コンテナ起動時に最初にマウントされる devpts インスタンスを安全に追跡できるようになりました。そして、コンテナ内の現在のマウントテーブルとやりとりすることなく、デバイスを割り当てできるようになりました。
これによる目に見える効果には次のようなものがあります。stdin/stdout/stderr 上で何かをリダイレクトする時に AppArmor ポリシーが混乱しにくくなったり、他の様々なソフトウェアが is-a-tty タイプのチェックを行うようなことがより通常の方法で動作するようになったりしました。
VGA コンソールが Windows 上で動くようになりました ¶
Windows ユーザーは、virt-viewer を Chocolatey 経由かマニュアルでインストールできるようになりました。インストールすると、仮想マシンで lxc console --type=VGA を実行した場合に自動的にそれを検出し、使います。
リモートのストレージプールの扱いの改良 ¶
これまで、リモートのストレージプールにあるカスタムボリュームの処理方法は、クラスターメンバーごとにひとつのレコードを持つことで行われていました。これは、特にスナップショットを考慮すると、多数の重複するデータが生じていました。
スナップショットについては、ボリュームの重複のために、自動化されたスナップショットが各クラスターメンバーごとに発生し、意図したよりも多くのスナップショットと全体的な負荷につながっていました。
新たなデータベースの設計でこれはすべて解決しました。この設計では、シングルボリュームのエントリーが保持され、クラスター化されているとマークされます。したがって、特定のクラスターメンバーに結び付けられることはなくなりましたし、スケジュールされたスナップショットは、安定したハッシュメカニズムを使ってクラスター全体に分散するようになり、現在オンラインのクラスターメンバーがそれをどのように処理するかを決定します。
forkdns と forkproxy が AppArmor の制限のもとで実行されるようになりました ¶
LXD 4.4 での dnsmasq の制限に続き、LXD 4.5 では forkdns も制限するようになりました。このプロセスは、LXD クラスター上で Fan ベースのネットワークが実行されているときに使います。その名前のとおり、forkdns はすべてのクラスターメンバーに対するクエリを効果的に複製することで DNS 処理を行います。この制限により、重要なデータへのアクセスによる攻撃の可能性を防ぐことができます。
同様に、NAT ではない proxy デバイスで使われる forkproxy も、自身の AppArmor プロファイルを持っています。これは、アクセスする前提であるソケットと、プロキシーを行うのに必要なカーネルインフラストラクチャーの部分のみに制限をします。
lxc move でクラスターのターゲットを指定できるようになりました ¶
クラスター外部からクラスターにインスタンスを移動する際、--target を与えることで、インスタンスをホストするクラスターメンバーを指定できるようになりました。
すべての変更点(翻訳なし) ¶
このリリースでの完全な変更点のリストは次のとおりです:
- lxc/move: Allow --target with cluster destination
- i18n: Update translation templates
- lxd/networks: Validate network config before starting networks on startup
- lxd/network/driver/common: Call init() in update() to consistency apply new internal state
- lxd/device/device/utils/network: Removes networkDHCPValidIP
- lxd/dnsmasq/dhcpalloc: Adds static DHCP allocation package for dnsmasq
- lxd/dnsmasq: Renames DHCPStaticIPs to DHCPStaticAllocation
- lxd/dnsmasq: Renames DHCPAllocatedIPs to DHCPAllAllocations
- lxd/network/network/utils: Removes GetIP
- lxd/network/network/utils: dhcpalloc.GetIP usage
- lxd/network/network/utils: dnsmasq.DHCPStaticAllocation usage
- lxd/network/network/interface: Changes of functions to accommodate dhcpalloc package
- lxd/network/driver/common: Implements default no-op function for non-dhcp enabled networks
- lxd/network/driver/common: dhcpalloc.DHCPRange usage
- lxd/network/driver/bridge: dhcpalloc package function usage
- lxd/network/driver/bridge: DHCPv4Subnet and DHCPv6Subnet implementations
- lxd/device/nic/bridged: Comment correction
- lxd/device/nic/bridged: n.DHCPv4Subnet and n.DHCPv6Subnet usage
- lxd/device/nic/bridged: dnsmasq.DHCPStaticAllocation usage
- lxd/device/nic/bridged: dhcpalloc.DHCPValidIP usage
- lxd/device/nic/bridged: Switches static DHCP allocation for IP filtering to dnsmasq/dhcpalloc
- lxd/main_activateifneeded: Clarify 'No DB' debug statements
- lxd/cluster: Fix failure domain updates
- tests: Fix failure domain test
- doc: s/container/instance/g
- doc/backup: Add note about the snap mntns
- lxd/apparmor: Don't fail on missing apparmor
- shared/validate: Makes IsUint32 non-optional
- lxd: Wraps validate.IsUint32 in validate.Optional
- shared/instance: Wraps validate.IsUint32 in validate.Optional
- shared/validate: Makes IsUint8 non-optional
- lxd/network/driver/bridge: Wraps validate.IsUint8 in validate.Optional
- shared/validate: Makes IsPriority non-optional
- shared/instance: Wraps validate.IsPriority in validate.Optional
- shared/validate: Makes IsBool non-optional
- lxd: Wraps validate.IsBool in validate.Optional
- shared/instance: Wraps validate.IsBool in validate.Optional
- shared/validate: Makes IsSize non-optional
- lxd: Wraps validate.IsSize in validate.Optional
- shared/instance: Wraps validate.IsSize in validate.Optional
- shared/validate: Makes IsNetworkAddress non-optional
- lxd: Wraps validate.IsNetworkAddress in validate.Optional
- shared/validate: Makes IsNetworkV4 non-optional
- lxd/network/driver/bridge: Wraps validate.IsNetworkV4 in shared.Optional
- shared/validate: Makes IsNetworkAddressV4 non-optional
- lxd/device/nic: Wraps validate.IsNetworkAddressV4 in validate.Optional
- lxd/device/nic/ipvlan: Wraps validate.IsNetworkAddressV4 in validate.Optional
- lxd/device/nic/ipvlan: Fixes incorrect IPv4 address check in IPv6 context
- lxd/network/driver/bridge: Wraps validate.IsNetworkAddressV4 in validate.Optional
- shared/validate: Makes IsNetworkAddressCIDRV4 non-optional
- lxd: Wraps validate.IsNetworkAddressCIDRV4 in validate.Optional
- shared/validate: Makes IsDeviceID non-optional
- lxd/device: Wraps validate.IsDeviceID in validate.Optional
- shared/validate: Makes IsNetworkV6 non-optional
- shared/validate: Makes IsNetworkAddressCIDRV6 non-optional
- lxd: Wraps validate.IsNetworkAddressCIDRV6 in validate.Optional
- shared/validate: Makes IsNetworkAddressV6 non-optional
- lxd: Wraps validate.IsNetworkAddressV6 in validate.Optional
- lxd/device/nic/ipvlan: validate.IsNetworkAddressVX tweaks
- lxd/device/nic/routed: Wraps validate.IsNetworkAddressV4List in validate.Optional
- lxd: Wraps validate.IsNetworkV4List and validate.IsNetworkV6List in validate.Optional
- shared/validate: Tweaks IsNetworkVLAN error message ordering
- shared/validate: comment spacing
- daemon: check whether shiftfs is usable
- lxd/network/network/utils: Renames ValidNetworkName to validInterfaceName
- lxd/network/network/utils: Adds validVirtualNetworkName
- lxd/network/network/interfaces: Adds ValidateName
- lxd/network/driver/bridge: Implements ValidateName
- lxd/network/driver/macvlan: Implements ValidateName
- lxd/network/driver/sriov: Implements ValidateName
- lxd/network/network/load: Adds ValidateName helper function
- lxd/main/init/interactive: Switches to network.ValidateName for bridge validation
- lxd/networks: Switches to network.ValidateName
- lxd/storage/utils: Simplifies error message from ValidName
- doc/networks: Fixes typo in bridge docs
- lxd/cluster/config: Fix import ordering of external package
- lxd/network/openvswitch: Name functions consistently using ObjectAction format
- lxd/network/driver/bridge: OVS function naming usage
- lxd/network/network/utils: OVS function naming usage
- lxd/device/nic/bridged: OVS function naming usage
- lxd/storage/locking: Moves package to lxd/locking
- lxd/locking: Renames variables to make them generic
- lxd/storage/drivers/utils: Adds OperationLockName function
- lxd/network/network/interface: Adds ID() function
- lxd/network/driver/common: Implements ID() function
- lxd/storage: locking.Lock usage with OperationLockName wrapper
- lxd/resources: Fix total memory for per NUMA node
- lxd: enable safe native container terminal allocation
- lxd/rsync: Don't pass --bwlimit when no limits set
- exec: fix OpenPtyInDevpts()
- test/suites/storage: LVM size tweaks
- lxd/instance/drivers/driver/lxc: Adds nil check in getLxcState
- client/operations: Fixes race conditions
- lxd/operations: Fixes race conditions
- client: More races fixed
- Makefile: Adds race target for enabling race detector
- Makefile: Correctly builds lxd-p2c and lxd-agent in debug and nocache targets
- client/operations: Race fix
- lxd/db: Adds mutex to fix races
- lxd/operations: Fixes races
- shared/validate: Adds IsURLSegmentSafe function
- lxd/network/driver/common: Adds common ValidateName function
- lxd/network/driver/bridge: Changes ValidateName to use common validation too
- lxd/network/driver: Removes ValidateName from sriov and macvlan
- lxd/network/network/load: Adds field name context to name validation errors
- lxd/network/network/utils: Removes validVirtualNetworkName
- lxd/networks: Returns network context on network startup failure
- shared/validate: Adds Required() and makes Optional() accept multiple validators
- lxd/network/driver/bridge: Don't allow stable volatile MAC with fan network
- lxd/network/driver/bridge: Don't allow hwaddr to be set in fan mode
- seccomp: update comment about blocking the new mount api
- syscall_numbers: fix pidfd_open() definition
- lxd_seccomp: add SECCOMP_IOCTL_NOTIF_ADDFD definitions and types
- checkfeature: check for seccomp notify fd injection feature
- syscall_numbers: add pidfd_getfd()
- syscall_numbers: add bpf()
- seccomp: report helpful errors when determining support for features
- seccomp: handle liblxc sending the notify fd as part of the seccomp message
- seccomp: enable bpf in unprivileged containers
- doc: add security.syscalls.intercept.bpf and security.syscalls.intercept.bpf.prog.devices
- api: add container_syscall_intercept_bpf_devices extension
- lxd-client: add security.syscalls.intercept.bpf security.syscalls.intercept.bpf.devices to completion
- production-setup: mention bpf-specific memlock settings
- seccomp: check the return value of pwrite()
- syscall_numbers: add close_range()
- exec: switch to close_range() syscall
- process_utils: remove faulty license
- lxd/apparmor/dnsmasq: Add binary for nesting
- lxd/storage/drivers/ceph: Fix volume deletion
- lxd/instance/drivers/driver/qemu: Fix race in onStop getting operation
- lxd/db: Fix premature failure when listing cluster volumes
- lxd/db/storage_volumes: Add comments regarding behaviour
- doc/production-setup: Fix escaping
- doc/production-setup: Update introduction
- lxd: Fix automatic storage volume snapshots
- cluster: Don't upgrade nodes without raft role concurrently
- lxd/network/network/load: Moves fillAuto logic into per-driver fillConfig function
- lxd/network/utils: Moves fillAuto into bridge's fillConfig function
- lxd/network/network/utils: Adds randomHwaddr function
- lxd/patches: Adds patch to remove volatile.bridge.hwaddr network key
- lxd/network/bridge/driver: Removes volatile.bridge.hwaddr and adds stable MAC generation
- shared/usbid: Don't auto-load
- lxd/resources: Load USB database
- lxd/apparmor: Move dnsmasq functions
- lxd/apparmor: forkdns profile
- lxd/sys: Add unpriv uid/group
- lxd/instances: Update for OS type change
- shared/subprocess: s/Pid/PID/
- shared/subprocess: Add credentials
- lxd/network: forkdns and creds drop for forkdns
- lxd/network: Run dnsmasq as unpriv group
- lxd/device/device/common: Adds common contextual logger
- doc/networks: dns.search clarification
- lxd/network/driver/bridge: Validates bridge.external_interfaces using validate.Optional() helper
- shared/validate: Adds network IP range validators
- lxd/network/driver/bridge: Adds DHCP IP range validation
- shared/network/ip: Defines IPRange struct
- lxd/dnsmasq/dhcpalloc: Removes DHCPRange and switches to shared.IPRange
- lxd/network: Replaces dhcpalloc.DHCPRange with shared.IPRange
- lxd/storage: Fix delete of remote pools
- lxd/storage/ceph: Allow for small size variation
- seccomp: cap instruction limit and log buffer to reasonable sizes
- seccomp: initialize almost everything
- main_checkfeature: remove logging failed shiftfs mounts
- seccomp: log errors to convert unix connection to file
- unixfd: improve SCM_RIGHTs file descriptor retrieval
- seccomp: simplify the seccomp message retrieval
- api: Adds API extension network_type_ovn
- doc/server: Documents global OVN networking config keys
- lxd/cluster/config: Adds OVN networking global config keys
- lxd/network/network/utils: Updates isInUseByDevices to support ovn
- lxd/db/networks: Adds OVN network type
- lxd/network/network/load: Adds ovn network type to loader
- lxd/networks: Adds ovn network type
- lxd/device/device/load: Adds OVN nic type support
- lxd/device/nictype: Adds ovn support
- lxd/network/network/utils: Adds OVN instance device port helpers
- lxd/network/openvswitch/ovs: Adds InterfaceAssociateOVNSwitchPort
- lxd/network/openvswitch/ovs: Adds ChassisID function
- lxd/network/openvswitch/ovs: Adds OVN bridge mapping functions
- lxd/network/openvswitch/ovs: Adds BridgePortList function
- lxd/network/openvswitch/ovs: Adds OVNBridgeMappingDelete function
- lxd/network/openvswitch/ovn: Adds OVN command wrapper
- lxd/network/network/utils: Adds parseIPRange functions
- lxd/network/driver/bridge: Adds OVN ranges keys
- lxd/network/driver/ovn: Adds OVN network driver
- lxd/device/nic/ovn: Adds OVN nic type
- doc/networks: Adds initial OVN doc
- doc/networks: Add OVN range keys
- doc/networks: Fix key ordering
- bash: Update completion profile
- lxd/apparmor: Disable cgroup2 on legacy hosts
- lxc/manpage: Fix behavior in snap
- shared/subprocess: Add StartWithFiles
- lxd/forkproxy: Switch to using subprocess
- daemon: check namespace management support through pidfds
- nsexec: remove unused dosetns() function
- nsexec: add new change_namespace() helper
- forksyscall: use pidfds to attach to namespaces
- forknet: use pidfds to attach to namespaces
- forkmount: use pidfds to attach to namespaces
- forkproxy: use pidfds to attach to namespaces
- forkfile: use pidfds to attach to namespaces
- nsexec: remove unused setnsat()
- lxd/db/networks: Separates network type and status conversion into separate functions
- lxd/db/networks: Adds ClusterTx.GetNonPendingNetworks function
- lxd/db/networks: Adds ClusterTx.UpdateNetwork function
- lxd/network/driver/ovn: Use DB transactions to safely allocate OVN external IPs on parent network
- lxd/network/driver/ovn: Include last IP in OVN range for allocatable IPs
- lxd/db/networks: Populates network nodes in ClusterTx.GetNonPendingNetworks
- lxd/db/networks: Populate description col with empty string in CreatePendingNetwork
- shared/validate: Adds IsNetworkMTU function
- lxd/network/driver: validates mtu using IsNetworkMTU
- lxd/device/nic: Validates mtu using IsNetworkMTU
- lxd/network/network/utils: Removes OVN specific helper functions
- lxd/network/network/utils/ovn: Adds OVNInstanceDeviceMTU function
- lxd/network/openvwitch/ovn: Adds MTU support for DHCP and IPv6 RA
- lxd/network/driver/ovn: Adds bridge.mtu config option and passes to DHCP/RA setup
- lxd/device/nic/ovn: Use parent network's bridge.mtu setting for setting device MTU
- lxd/network/driver/common: Moves notifier for delete into common
- lxd/networks: Moves cluster notification and storage clean up for networkDelete into common
- shared/validate: Use consistent quoting for outputting input value when there is an error
- lxc: Bundle sortorder
- lxd/network/ovn: Use snap path
- doc/networks: Adds link to OVN network
- lxd/network/network/utils: Adds pingIP function
- lxd/network/driver/ovn: Pings OVN external IPv6 router IP on bridge port start
- lxd/network/openvswitch/dns: Adds LogicalSwitchPortSetDNS and LogicalSwitchPortDeleteDNS functions
- lxd/network/openvswitch/ovn: Updates LogicalSwitchDelete to clear any remaining DNS records
- lxd/network/network/utils/ovn: Updates OVNInstanceDevicePortAdd to take instanceName for DNS records
- lxd/network/driver/ovn: Updates instance port functions to setup and remove DNS records
- lxd/device/nic/ovn: Updates usage of network.OVNInstanceDevicePortAdd to supply instance name for DNS records
- lxd/storage/drivers/utils: Fixes shrinkFileSystem to detect e2fsck filesystem modifications
- lxd/db/instances: Ensure correct pool name is returned in GetInstancePool
- shared/cert: Fix on Windows
- lxc/console: Support remote-viewer on Windows
- lxc/export: Use HostPathFollow
- lxd/cluster: Re-try listening for a minute
- lxd/init: Don't fail on existing address
- lxd/storage/zfs: Fix bad transfer logic on block
- lxd/storage/zfs: Always discard mountpoint on recv
- lxd/db/projects: go imports order
- lxd/db/projects: Removes unnecessary whitespace
- lxd/db/cluster: Adds patch for adding project_id to networks table
- lxd/db/networks: Adds project support to CreatePendingNetwork
- lxd/db/networks: Adds project support to CreateNetwork
- lxd/networks: Pass project.Default when creating networks
- lxd/instance/test: Updates tests to use project.Default for new networks
- lxd/db/networks/test: Updates tests to use project.Default for new networks
- lxd/storage/zfs: Don't filter mountpoint on block
- lxd/db/instances: Removes instancePoolSnapshot function
- lxc/network: Fix usage
- i18n: Update translation templates
- lxd/apparmor/dnsmasq: drop dup rule, /snap/lxd/*/ includes /snap/lxd/current/
- lxd/apparmor/forkdns: drop dup rule, /snap/lxd/*/ includes /snap/lxd/current/
- lxd/instance: Always put snapshots on same pool as parent
- doc/security: Adds note about non-IP ethernet frame filtering to stop VLAN QinQ bypass
- lxd/db/cluster: Update tables to allow null value for node ID
- shared/util: Converts DefaultPort from string to int
- lxd/util/net: Updates CanonicalNetworkAddress to use net.JoinHostPort rather than manual fmt.Sprintf
- lxd/util/net: Adds CanonicalNetworkAddressFromAddressAndPort function
- lxd/device/device/utils/proxy: Use net.JoinHostPort rather than manual fmt.Sprintf
- lxd/main/init/interactive: Error wrapping
- lxd/main/init/interactive: Use canonical address after port has been added for comparison
- lxd/main/init/auto: util.CanonicalNetworkAddressFromAddressAndPort usage
- lxc/remote: shared.DefaultPort usage
- lxd-agent/main/agent: shared.DefaultPort usage
- lxd-p2c/utils: shared.DefaultPort usage
- lxd/vsock: shared.DefaultPort usage
- lxd/util/http: shared.DefaultPort usage
- lxd/main/init: shared.DefaultPort usage
- lxd/db: Handle null value for nodeID
- lxd/daemon: Make db aware of remote storage drivers
- lxd/daemon: Perform automatic snapshots on random node
- lxd/storage: Refuse BLOCK_AND_RSYNC with running instance
- lxd/apparmor: Simplify profile name generation
- lxd/device: Export Name and Config
- lxd/apparmor: Shrink instance interface
- lxd/apparmor/forkdns: Alignment
- lxd/apparmor/forkdns: Support LD_LIBRARY_PATH
- lxd/api/cluster: Makes ServerAddress field required for clusterPutJoin
- lxd/network/driver/ovn: Makes ping test in startParentPortBridge async
- lxd/init: Updates initDataNodeApply to use revert package and to revert itself on error
- lxd/cluster/connect: Adds UserAgentNotifier constant
- lxd/cluster/connect: Adds UserAgentJoiner constant
- lxd/cluster/connect: Adds ClientType type and UserAgentClientType function
- lxd/api: Updates isClusterNotification to use cluster.UserAgentNotifier
- lxd/api/cluster: clusterInitMember comments
- lxd/api/cluster: initDataNodeApply usage
- lxd/main/init: initDataNodeApply usage
- lxd/api/cluster: Updates clusterPutJoin to use cluster.UserAgentJoiner when sending requests to local node
- lxd/network/network/interfaces: Replaces clusterNotification bool with cluster.ClientType
- lxd/network/driver/common: cluster.ClientType usage
- lxd/network/driver: cluster.ClientType usage
- lxd/network/driver/ovn: cluster.ClientType usage
- lxd/networks: cluster.ClientType usage
- lxd/apparmor/dnsmasq: Add /proc/self/fd
- lxd/apparmor/forkdns: Allow reading/mapping the binary
- lxd/apparmor: Add forkproxy
- lxd/device/forkproxy: Add apparmor
- lxd/instance/instance/interface: Moves Project() function into ConfigReader interface
- lxd/instance/drivers/driver/common: Adds Project function
- lxd/instance/drivers/driver/lxc: Updates lxc to use common fields
- lxd/instance/drivers/driver/lxc: Removes driver specific Project function
- lxd/instance/drivers/driver/qemu: Removes driver specific Project function
- lxd/network/network/utils: Improves UpdateDNSMasqStatic error message
- lxd/daemon: db.StorageRemoteDriverNames usage
- lxd/db: StorageRemoteDriverNames usage
- lxd/db/storage/pools: Renames GetRemoteDrivers to StorageRemoteDriverNames for clarity
- lxd/storage/drivers/load: Cache supported drivers
- lxd/storage/drivers/load: Remove references to "support" in AllDriverNames
- lxd/apparmor/forkproxy: Fix running on i386
- lxd/storage/drivers/interface: Adds isRemote function
- lxd/storage/drivers/driver/common: Adds isRemote() function that returns false
- lxd/storage/drivers/driver: Updates driver's Info() function to call d.isRemote()
- lxd/storage/drivers/ceph: Implements isRemote function for ceph and cephfs
- lxd/storage/drivers/load: Removes SupportedDrivers caching and updates comment
- lxd/storage/drivers/load: Simplifies RemoteDriverNames to use the isRemote function
- lxd/daemon: storageDrivers.RemoteDriverNames usage simplifcation
- doc/networks: Rename OVN parent to network
- lxd/networks/ovn: Rename parent to network
- scripts/bash: Add network config key
- i18n: Update translations from weblate
試用環境 ¶
この新しい LXD リリースは私たちの デモサービス で利用できます。
ダウンロード ¶
このリリースの tarball は ダウンロードページ から取得できます。
ビルド済みバイナリーは次のように使えます:
- Linux: snap install lxd
- MacOS: brew install lxc
- Windows: choco install lxc
LXD 2.0.12 リリースのお知らせ ¶
14th of August 2020
はじめに ¶
LXD チームが LXD 2.0.12 のリリースをお知らせします!
このリリースは、2021 年 6 月までサポートされる LXD 2.0 に対する 12 個目のバグフィックスリリースです。
バグ修正と改良点 ¶
一番古い LTS リリースである LXD 2.0 は 2017 年 10 月以来リリースがありませんでした。
この 2.0 系の LTS ブランチはセキュリティフィックスのみが行われるモードに入っています。このリリースは 2.0.11 に入らなかった古いバグ修正のいくつかと、LXD のこのブランチをビルドできるようにするための修正のみを含んでいます。
この一部として、LXD の依存関係のいくつかが、古いバージョンの Go でビルドできなくなり、LXD 2.0.11 が Go 1.13, 1.14, 1.15 で実行でき、少なくとも 1.11 ではビルドできないことを確認しました。
重要な修正やセキュリティ上の修正はないため、古い Go のバージョンを必要とするディストリビューションは 2.0.11 を維持するべきです。
最後に、LXD 2.0 LTS をまだ使っているユーザーは、このブランチでは重要なセキュリティ上の問題のみが修正され、1 年以内にサポートが終了しますので、より新しいバージョンにアップグレードすることをおすすめします。2.0 LTS から直接 4.0 LTS へアップグレードすることがサポートされています。
コミットの全リストは次のとおりです(翻訳なし):
- Fix file transfers to/from stdin/stdout in snap
- If running as root in the snap, use /proc/1/root
- Fix failure due to bind-mount through /proc
- all: move to bakery.v2
- Update the "lxc list" help to match stable-2.0
- tests: Don't use godeps for import check
- Make current gofmt happy
- Make current gofmt happy (stable-2.0 specific)
- liblxc: detect version at runtime
- Update for newer ZFS releases
- zfs: try pool import
- Revert most of the macaroon support in client
- client: Add GetOperationUUIDs and GetOperations
- lxd/logs: Don't allow removing lxc.conf or lxc.log
- shared/api: Add API extension label to AuthMethods
- Drop logging setup in Daemon.Init()
- Add helper to redirect the global logger to the testing logger
- Add a shared.KeyPairAndCA function to get coventionally named certs
- Add new debug sub-package with support for memory profiling
- Add lxd/task sub-package for running functions periodically
- Fix output of --print-goroutines-every
- Add cpu profiling and goroutines printing to the debug sub-package
- Move execPath global variable to sys.OS.ExecPath
- Move global aaAvailable global variable to sys.OS
- Move global aaStacking global variable to sys.OS
- Move global runningInUserns global variable to sys.OS
- Move global aaAdmin global variable to sys.OS
- Move global aaConfined global variable to sys.OS
- Move global cgBlkioController global variable to sys.OS
- Move global cgCpuController global variable to sys.OS
- Move remaining global cgXXX global variables to sys.OS
- Move directory initialization to sys.OS.
- Drop unnecessary checks on MockMode
- Vendor a copy of log15 in shared/log15
- Revert "Temporary workaround for log15 API breakage"
- Switch to the built-in log15
- Add a endpoints.Endpoints class for managing HTTP endpoints
- Wire endpoints.Endpoints into Daemon
- lxd/daemon: Fix unsetting https address
- Move optional Daemon config values to DaemonConfig
- Don't skip Daemon.Ready() in tests, it can be run unconditionally
- Wire debug utilities into main_daemon.go
- Track the lifecycle of the goroutine performing log expiration
- Streamline Daemon init and shutdownn
- Control all goroutines spawned in Daemon.Ready() using task.Task
- Don't use global path variables in sys.OS
- Switch to the built-in log15
- Return the initial schema version in Schema.Ensure()
- Add a Schema.Fresh() method to set a "bootstrap" SQL statement
- Complete moving schema creation logic to schema.Schema
- Rename Daemon.db to Daemon.nodeDB
- Convert a few call sites of sql.DB.Begin to db.DB.Begin
- Rename State.DB to State.NodeDB
- Convert remaining call sites of the low-level db.Begin function
- Rename db.QueryScan to db.queryScan, making it unexported
- Remove direct use of the low-level db.Exec() func outside of lxd/db/
- Rename db.Exec to db.exec, making it unexported
- Move certificate db APIs to the db.Node facade
- Move container db APIs to the db.Node facade
- zfs: Fix slowdown because of mountpoint check
- tests: Deal with missing ttyS0/ttyS1 (on s390x)
- Move profile db APIs to the db.Node facade
- Move patches db APIs to the db.Node facade
- Move image db APIs to the db.Node facade
- Move devices db APIs to the db.Node facade
- Drop all references to Daemon.nodeDB
- Use instance-level cache dir variable instead of the environment one
- Use instance-level log dir variable instead of the environment one
- Use instance-level var dir variable instead of the environment one
- Add initial Go-level daemon integration-like test
- Add lxd/config sub-package implementing structured config maps
- Rename db_test.go to db_internal_test.go, since it's white box
- Add db.NewTestNode helper for database-related unit tests
- Add a db.NodeTx structure to abstract away low-level transactions
- Add low-level query helpers for changing config tables
- Add db APIs for fetching and changing node-local config values
- Add node.Config high-level API for modifying node-level config
- Cleanup test state at every test, to improve isolation.
- Move node-level schema updates to their own db/local/ sub-package.
- Add Schema.ExerciseUpdate() for testing a individual update
- Fix spurious tx.Exec argument in lxd/db/schema/query.go
- Extract the APIExtensions list from api10Get
- Add error messages to lxdTestSuite setup and teardown
- Add query.Count utility
- Switch to the built-in log15
- Setup mock storage driver
- Extract initialization of the REST and /dev/lxd http Server
- Add support for gracefully aborting schema.Ensure
- Drop the containerLXC.OS() convenience
- Rename container.StateObject() to container.DaemonObject()
- Drop the storageShared.OS() convenience
- Move util.AppArmorCanStack to a private appArmorCanStack in lxd/sys
- Drop trailing slash from cgroup paths definitions
- Drop pointless comments about function calls being no-op
- Rename variable "code" to "kind" for consistency
- Drop logging message when retrying to listen to a network port
- Fixed typos in the task sub-package
- Fix docstring in shared.KeyPairAndCA
- Drop unused import in lxd/db/certificates.go
- Rename Cert to Certificate in API names of lxd/db/certificates.go
- Fix import formatting in lxd/db/patches.go
- Split version declarations in shared/version into several files
- shared/logging: Add freebsd build conditional to log_posix.go
- Switch to the built-in log15
- Gracefully cancel tasks on daemon shutdown
- Fixed wording in comment
- Tweak schedule function for pruning images
- Expose task.Task instead of returning an integer handle
- client: Name all the return values in interfaces
- Fix some typos
- Fix some typos
- tests: Check for typos
- tests: Add test for unused variables
- api: add console structs
- client: add client API ConsoleContainer()
- container_lxc: add lxcParseRawLXC()
- client: add client API GetContainerConsoleLog()
- client: add client API DeleteContainerConsoleLog()
- container_exec: check for OpenPty() error
- client: add "ConsoleDisconnect" argument
- shared/idmap: Fix handling of hardlinks
- lxd/containers: Skip sockets in tarballs
- lxd/daemon: Add LXD_EXEC_PATH to override execPath
- Fix a number of unchecked variables
- lxd/containers: Only init the config if needed
- lxc/file: Log downloads/uploads
- lxd/init: Re-add missing ZFS pool name question
- lxd/init: Fix bad handling of dir backend
- Added documentation about shell env to lxc exec
- lxd-benchmark: Change the default count of containers from 100 to 1
- shared/util: add EscapePathFstab()
- devlxd: Properly lock the internal struct
- migrate.proto: silence protobuf compiler warning
- migrate: older than lxc 2.0.4 will fail
- Makefile: Better detect sqlite3.h
- client: URL escape all user input
- devlxd: Cleanup in preparation for events
- lxd/certificates: Add missing name value
- Makefile: Don't hardcode gcc
- container_lxc: actually return an error
- i18n: Update translation templates
- travis: Bump Go versions
- shared/utils: deal with symlinks
- travis: Limit to just Go 1.9
- Update LVM documentation
- zfs: fix argument order of zfs get commands.
- network: fix insertNetworkDevice()
- container_lxc: escape paths fstab style
- migrate: prepare for pre-copy migration
- Fixed typo in comment about SubCommands in lxd/main.go KishanRPatel katiewasnothere dinopanda jialin-li kianaalcala
- lxd/containers: Fix race condition in shutdown
- lxd/containers: Log auto-start errors
- lxc/exec: Fix typo
- lxd/containers: Fix tc egress rules
- lxd/events: Cleanup event listener setup
- Update issue template
- doc: Add /images/
/secret to API list - lxd/containers: No slahses in snapshot names
- lxd/init: Strip leading and trailing spaces
- change “your first time using LXD” to something less confusing
- doc/README: Update source build instructions
- doc/containers: Document CPU limits
- i18n: Update translation template
- scripts/vagrant: The LXD PPA is gone
- allow arbitrary users to read idmaps
- drop \n from IdmapSet's ToLxcString
- lxd/containers: Fix container shutdown on exit
- lxd/main: Don't mention --preseed on 2.0
- i18n: Fix bad japanese translation
- fix parsing for container name tab-completion
- lxc/file: Fix edit in a snap environment
- shared/idmap:DefaultIdmapSet(): take a user argument
- *: move download function to shared
- shared/hostpath: Also check SNAP_NAME
- shared/hostpath: Properly handle prefix check
- termios: Workaround vet on go tip
- test: fix shellcheck complaints
- lxd,shared: move archive functions to shared
- containers: Default to pids cgroup for fork bomb mitigation
- tests: Check for mixed tabs/spaces and trailing whitespaces
- tests: Fix mixed tabs/spaces
- api: Include message format for events
- events: Use api message type
- api: Add NetworkLease struct
- client: Add network leases handling
- lxc: Properly handle the --version flag
- lxd-benchmark: Fix new go vet warnings
- lxc: Make the
/ syntax work - i18n: Update translation templates
- Make the test suite use lxc.apparmor.profile instead of lxc.aa_profile
- Check for LXC version to decide which apparmor profile config key to use
- setup-lvm: Fix pyflakes warnings
- shared/cancel: Properly lock map
- shared/cancel: Make the cancel code golint clean
- lxd: Rework listening logic
- lxd-benchmark: Fix golint
- lxd/types: Make golint clean
- client: Check API extension for storage
- client: Check API extension for network
- shared/api: add local storage volume {copy,move}
- client: add {Copy,Move}StoragePoolVolume()
- api: Add description field on operation
- shared/eagain: Make our EAGAIN code a new package
- lxd/netcat: Port to using shared/eagain
- lxd/daemon: Cleanup startup code a bit
- tests: Wait up to 20s for image to expire
- tests: Consistency
- fuidshift: Drop specific Makefile
- shared/version: Include storage backends in agent
- lxc: Fix golint
- lxd/util: Fix golint
- tests: Update list of golint clean packages
- i18n: Look at all lxc files
- lxc: Introduce a new utils package
- lxd: Move migration code to own package
- shared: Remove dead code
- lxd: Restrict pongo2 file functions
- tests: Fix recent Go test breakages
- lxc/utils: Sync stringList with master
- scripts/bash: tweak complete line for snaps
- Add some missing "Return:" headings to make sample return values formatting right
- container_lxc: keep full capability set
- Fix version parsing of LXC betas
- Ignore io.EOF errors when performing PUT /internal/shutdown
- lxd/shutdown: Fix error string check
- lxd/shutdown: Fix typo in error handling
- lxd/init: Prevent non-root execution
- lxd/init: Don't fail test when non-root
- memory: fix format string
- db: Fix bad format string
- client: Remove debug statements
- db: Fix more format issues
- lxd/migration: Update protocol
- i18n: Update message catalogs and Japanese translation
- shared/api: Don't re-define fields
- doc: add the appropriate titles to some documents
- lxc: Fix manpage subcommand
- shared/idmap: Workaround Go tip change
- lxc: Remove dead code
- Manually release the liblxc structs
- lxd/containers: Adapt to go-lxc Release
- tests: Bump LV size to 50MB
- lxd/util: Fix formatting
- tests: Tweak fdleak test
- lxd/util: Add missing import
- travis: Sync with current
- Release LXD 2.0.12
試用環境 ¶
この新しい LXD リリースは私たちの デモサービス で利用できます。
ダウンロード ¶
このリリースの tarball は ダウンロードページ から取得できます。
ビルド済みバイナリーは次のように使えます:
- Linux: snap install lxd
- MacOS: brew install lxc
- Windows: choco install lxc
LXD 4.0.3 リリースのお知らせ¶
12th of August 2020
Introduction¶
LXD チームが LXD 4.0.3 のリリースをお知らせします!
このリリースは、2025 年 6 月までサポートされる LXD 4.0 に対する 3 つめのバグフィックスリリースです。
バグ修正と改良 ¶
このリリースには、開発ブランチからの数カ月分のバグフィックスと細かな改善が含まれています。
このリリースでは、VGA コンソール(LXD API 内の SPICE)とプロジェクトのディスク制限が含まれており、少し拡張された「マイナーな改良」となっています。4.0 リリースの主要な機能のいくつかのギャップを埋めるには、これが重要で(そして簡単だ)と思ったのです。
これらの機能は、データベーススキーマの更新を必要とせず、ダウングレードを防止したり、ディスク上の構造を変更したりすることもありませんので、変更を行うことは安全で重要であると感じました。
主な変更点は次のとおりです:
lxc launchに新たに--consoleフラグが追加されました- 仮想マシン内の
/dev/lxdAPI のサポート /1.0/resourcesAPI 内で GPU 媒介(mediated)デバイスのサポート- 仮想マシンに対する VGA コンソールのサポートの追加。クライアントで
--console=vga(lxc launchもしくはlxc start)や--type=vga(lxc console)を指定します dnsmasqとforkdnsに対する自動的な AppArmor プロファイルの生成- プロジェクトに対するディスク制限(
limits.disk設定オプション)
コミットの全リストは次のとおりです(翻訳なし):
- lxd/storage: Better handle broken volumes
- client: Handle unknown image sizes
- lxd/response: Stream multi-part responses
- lxd/device/disk: Fixes cloud-init errors for VMs
- lxc/action: Show usage on missing target
- lxd/storage: Rely on UsedBy for deletion error
- lxd/instances/qemu: Use images dir during compression
- lxd/storage/drivers: Rename fs to filesystem
- shared/api: Add ContentType to storage volume structs
- client: Support custom block volumes
- lxd/util: Detect hugetlbfs mount point
- lxd/cluster: Always check for dqlite protocol version mismatches
- lxd/cluster: Don't run unnecessary HEAD probe upon dqlite connections
- forksyscall: use nsids for shiftfs syscall intercepts
- lxd/db: Drop ClusterRoleDatabase records from the database
- lxd/cluster: Fetch database role information directly from raft
- lxd/storage: Fix regression in truncate handling
- lxd/cluster: Only look up raft_nodes for resolving the address of node 1
- lxd/cluster: Leverage RolesChanges.Handover() to choose handover target
- lxd: Increase timeout of go unit tests when ran from Emacs
- lxd/cluster: Skip unnecessary loading of nodes from database in Rebalance()
- lxd/cluster: Leverage RolesChanges.Adjust() to choose rebalance target
- lxd/cluster: Increase time budget of client.Assign() when assigning voter role
- lxd/cluster: When demoting to Spare only transition to StandBy if Voter
- lxd/project: Add more name checks
- doc/server: Cover listen + authentication
- lxd/qemu: Don't do file lock on custom volumes
- shared/api: Add FailureDomain field to ClusterMemberPut
- client: Check clustering_failure_domains extension when updating a member
- instance: update terminology I
- lxd/network: Validate ipv4/ipv6 routes
- lxd/proxy: Fix govet
- lxd/rsync: Add AtLeast
- lxd/rsync: Filter out security.selinux
- lxd-p2c: Filter out security.selinux
- lxc-to-lxd: Filter out security.selinux
- lxc/launch: Add --console
- instance: introduce container_syscall_filtering_allow_deny extension
- tests: remove trailing comma
- lxd/instance/drivers: Provide instance-data file
- lxd-agent: Support /dev/lxd
- lxd/instance/drivers: Allow updating running VMs
- tests: Fix bad ipv6.routes value
- lxc/instance/drivers/qemu: Support ephemeral VMs
- lxd/qemu: Use memory backend ram/file
- lxc/image: Fix dir handling on snap
- lxd/qemu: Fix crash on non-pinned VM
- lxc/image: Fix more dir handling on snap
- terminals: update terminology again
- doc/instances: Improves proxy docs
- lxc/main_alias: Handle leading arguments
- lxd/storage: Fix block volume migration
- lxd/rbac: Always allow internal cluster traffic
- units: handle multiplication integer overflow
- lxd/rsync: Untangle from daemon package
- lxd/qemu: Don't use file.locking with rbd
- lxd/storage/zfs: Use autotrim when available
- lxd: Add clustering_fix_raft_address_zero patch to fix node with "0" as address
- Revert "lxd/storage: Fix block volume migration"
- lxd/resources: Use udev model data if available
- Decode error
- doc/api-extensions: Fix escaping
- share/api: Add GPU mdev
- lxd/resources: Add GPU mdev
- api: Add GPU mdev
- lxd/qemu: Fix unbound hugepages
- lxd/qemu: Properly connect memory
- api: console_vga_type
- doc/rest-api: Add type field to console
- shared/api: Add Type field to InstanceConsolePost
- lxd/instance: Add protocol argument to Instance.Console()
- lxd/instance/drivers: Support VGA output in qemu.Console()
- lxd: Handle "vga" type in console API handler
- client: Add ConsoleInstanceDynamic() to support multiple websocket connections
- lxc: Add --type flag to "lxc console"
- i18n: Update translation templates
- lxc/console: Missing error handling
- lxc/console: Prefer remote-viewer
- lxc: Populate cmdConsole.flagType also when ran manually
- lxc/console: Short argument for type
- lxc: Allow using --console=TYPE
- lxd/images: Rename imgPostContInfo to imgPostInstanceInfo
- lxd/instances: Return and set image properties
- lxd/qemu: Add support for spice agent
- lxc/console: Disconnect on shutdown
- lxd/db: Drive-by removal of leftover fmt.Printf's
- lxd/main_daemon: s/containers/instances/
- lxd: s/containersShutdown/instancesShutdown/
- lxd: Add context to daemon
- lxd/operations: Add db operation type to Operation
- lxd: Add waitForOperations()
- lxd: Shut down gracefully
- lxd/operations/operations: Fix hanging cancellation
- lxd/instance_post: Pass cancel function to websocket operation
- client/lxd_instances: Cancel websocket op if needed
- lxd/daemon: Return 503 when shutting down
- doc/api-extensions: Fix over-escaping
- lxd: Add --force flag to lxd shutdown
- shared/instance: Move network validation functions to shared
- lxd/db/networks: Adds internal network type constants
- lxd/db/networks: Updates CreateNetwork to accept a network type
- lxd/db/networks: Updates CreatePendingNetwork to accept a network type
- lxd/network/network/interface: Adds network interface
- lxd/network/network/load: LoadByName to use Network interface, add Validate
- lxd/network/errors: Adds error constants
- lxd/network/network/utils: Moved validation functions from main package
- lxd/network/driver/common: Adds common driver
- lxd/network/driver/bridge: Renames network to driver_bridge
- lxd/networks/utils: Remove unused network validation functions in main
- lxd/device/device/utils/network: Removes unused validation functions
- lxd/device/device/utils/proxy: shared.IsNetworkAddress usage
- lxd/device/nic: shared validation function usage
- lxd/device/nic/bridged: Support Network interface
- lxd/device/nic/ipvlan: shared validation function usage
- lxd/device/nic/routed: shared validation function usage
- lxd/main/init/interactive: Uses network name validation from network package
- lxd/networks: ValidNetworkName usage in networkPost
- lxd/networks: Updates doNetworkUpdate to use network package validation
- lxd/networks: Updates networksPost to support network type
- lxd/networks: Remove use of network.IsRunning in networkShutdown
- lxd/networks/config: Removed
- lxd/networks/utils: Updates usage of n.RefreshForkdnsServerAddresses to generic n.HandleHearbeat
- lxd: Updates network tests to pass netType
- lxd/network/network/utils: Unexports usesIPv4Firewall and usesIPv6Firewall
- lxd/network/driver/bridge: usesIPv4Firewall and usesIPv6Firewall usage
- lxd/apparmor: Use templating
- lxd/apparmor: Use proper version parsing
- lxd/network/driver/common: Adds config diff and db update common functions
- lxd/network/driver/common: Adds contextual logger
- lxd/network/driver/common: Removes stuttering on "common" in validation rules function
- lxd/network/driver/bridge: Updates to use contextual logger
- lxd/network/driver/bridge: Simplifies Update function to use common update functions
- lxc/networks: Renames notify to clusterNotification in doNetworkUpdate
- lxd/network/network/interface: Clarifies Update arguments
- lxd/network/network/interface: Renames Delete withDatabase arg to clusterNotification
- lxd/network/driver/common: Adds common delete function
- lxd/networks: Cleans up networksPost to use clusterNotification argument correctly
- lxd/networks: Log quoting in networksPostCluster
- lxd/networks: Cleans up doNetworksCreate to use clusterNotification argument
- lxd/network/driver/bridge: Updates Delete to use common delete function
- lxd/network/driver/bridge: Adds logging to Update
- lxd/networks: Removes bridge specific logic in doNetworkUpdate
- lxd/network/driver/bridge: Adds fan auto detection logic to Update
- lxd/network/driver/common: Adds rename common function
- lxd/network/driver/bridge: Updates Rename to use common rename function
- lxd/networks: networkPost logging quoting
- lxc/network/driver/bridge: isRunning comment
- lxd/network/driver/bridge: Unexports hasIPv4Firewall and hasIPv6Firewall
- lxd/networks: Detect unknown network type in networksPost, dont assume bridge
- lxd/networks: comment fix in networksPostCluster
- lxd/networks: Allow for different managed network types in doNetworkGet
- lxd/network/network/interface: Adds fillConfig to interface
- lxd/network/driver/common: Adds default fillConfig function
- lxd/network/driver/common: Adds default HandleHeartbeat function
- lxd/network/network/load: Adds per-driver FillConfig wrapper
- lxd/network/network/utils: Removes generic FillConfig
- lxd/network/driver/bridge: fillConfig implementation
- lxd/network/driver/bridge: Exposes error message from ValidNetworkName in Validate
- shared/version: Add projects_limits_disk extension
- doc: Document limits.disk project configuration key
- lxd: Add "limits.disk" to supported project config keys
- lxd/project: Check that root disk sizes are within limits.disk
- lxd/project: Add projectInfo struct to hold together project's extra info
- lxd/db: Add GetCustomVolumesInProject() to fetch custom volumes in a project
- lxd/project: Fetch the project's custom volumes
- lxd/project: Consider custom volumes sizes in checkAggregateLimits
- lxd/project: Add AllowVolumeCreation() to check limits upon volume creation
- lxd: Call project.AllowVolumeCreation() before creating custom volumes
- lxd/project: Add AllowVolumeUpdate() to check custom volumes config updates
- lxd: Call project.AllowVolumeUpdate() before modifying a custom volume
- shared: Add QuotaWriter
- lxd/project: Add GetImageSpaceBudget() returning image disk space budget
- lxd: Possibly limit the disk space that can be used by POST /1.0/images
- lxd: Check available project budget when publishing an instance as image
- lxd/project: Fill missing fields when checking instance creation
- lxd/project: Skip checks when unsetting limits
- lxd: Honor project disk budget when downloading images
- test: Add tests for the "limits.disk" project config key
- lxd/sys: Create apparmor/seccomp paths
- lxd/apparmor: Split and rename instance functions
- lxd/resources/storage: Use ID_MODEL_ENC when possible
- shared: Add InSnap
- shared/subprocess: Add AppArmor support
- lxd/apparmor: Rename template
- lxd/apparmor: Add dnsmasq profile
- lxd/networks: Use AppArmor when available
- tests: Delete leftover storage volume
- lxd/operations/operations: Renames Operations to Clone
- lxd-agent/operations: operations.Clone() usage
- lxd: operations.Clone() usage
- Drop from .travis.yaml Go versions we don't support anymore
- shared/api/network: Adds network status constants
- lxd/networks: API constant usage in networkDelete
- lxd/network/network/load: Adds status
- lxd/network/network/interface: Adds status function
- lxd/network/driver/common: Adds status field and function
- lxd/network/driver/bridge: Don't allow starting a pending network
- lxd/device/nic/bridged: Usage of d.state.Cluster.GetNetworkInAnyState in rebuildDnsmasqEntry
- lxd/api/cluster: Usage of api.NetworkStatusPending
- lxd/db/networks: Usage of api package's NetworkStatus constants in getNetwork
- lxd/db/networks: Removes unused GetNetwork
- lxd/db/networks: GetNonPendingNetworks comment
- lxd/db/networks: Allow pending nodes to be added to errored networks in CreatePendingNetwork
- lxd/db/networks: CreatePendingNetwork comments and line spacing
- lxd/networks/utils: Skip network load error in networkUpdateForkdnsServersTask
- lxd/device/nic/bridged: Validates network is type bridge
- lxc/device/nic/bridged: Only allow using non-Pending networks
- lxd/networks: Various comment and error quoting consistency fixes
- lxd/networks: Validate network name earlier in networksPost
- lxc/networks: Validate config in doNetworksCreate
- lxd/db/networks: Ensure that network type matches existing pending network in CreatePendingNetwork
- lxd/db/networks: Remove errored state on successful update in UpdateNetwork
- lxd/network/driver/bridge: Adds targetNode arg to Update
- lxd/network/network/interface: Adds targetNode arg to Update
- lxd/network/driver/common: Tweaks to update function in cluster environment
- lxd/networks: networksPost error response tweaks
- lxd/networks: Updates networksPostCluster
- lxd/networks: Unifies networkPut and networkPatch
- lxd/device/nictype: Adds small package to resolve NIC device nictype from network
- lxd/device/config/devices: Removes NICType
- lxd/device/config/devices: Improves comment on Update
- lxd/device/device/load: Removes devTypes map and updates load to use NICType function
- lxd/device: Removes device load helpers
- lxd/device/device/utils/network: nictype.NICType usage
- lxd/device/nic/bridged: Updates usage of functions whose signatures changed due to NICType
- lxd/device/nic/p2p: Updates usage of functions that changed signature due to NICType
- lxd/device/proxy: nictype.NICType usage
- lxd/instance/drivers/driver/lxc: nictype.NICType usage
- lxd/instance/drivers/driver/qemu: nictype.NICType usage
- lxd/network/driver/bridge: Usage of functions that changed signature due to NICType
- lxd/network/driver/common: Updates IsUsed for NICType signature changes and checks for profile usage
- lxd/network/network/interface: Signature change of IsUsed to accommodate NICType
- lxd/network/network/utils: Usage of nictype.NICType and signature changes to accommodate it
- lxd/networks: nictype.NICType usage and comment improvements
- lxd/networks: Comment ending consistency
- test: Updates tests to delete profiles before networks
- lxd/networks: Remove database record on error in networksPost
- test: sriov NIC comment ending consistency
- doc/networks: Re-arranges network docs to support different types
- doc/networks: Fixes typo
- lxd/network/openvswitch/ovs: Adds OVS wrapper
- lxd/network/driver/bridge: ovs usage
- lxd/network/network/utils: ovs usage
- lxd/networks: ovs.BridgeExists usage
- tree-wide: add dummy include package for cgo
- doc/images: Cover the various image servers
- doc: Typo fix
- lxd/networks: Fixes bug in doNetworkUpdate that prevents removal of non-node specific keys
- lxd/network/driver/bridge: Consistent comment ending in setup()
- lxd/network/network/interface: fillConfig signature
- lxd/network/driver/common: Updates fillConfig signature
- lxd/network/driver/bridge: Updates fillConfig signature
- lxd/network/network/load: Updates FillConfig to use new signature
- lxd/network/driver/bridge: Fixes Update to regenerate default values if missing
- test/suites/container/devices/nic/bridged: Fixes DHCP disable by setting IP address none
- lxd/network/driver/bridge: Dont fail start if cannot restore third party route
- lxd/migrate: Fix crash in sendControl when no active connection
- lxd/operations: Fix typo
- lxc/export: Plug in cancelable wait
- i18n: Update translation templates
- lxd/devices/device/utils/network: Removes networkValidMAC
- shared/instance: Adds IsNetworkMAC for use in network and device packages
- lxd/device/nic: shared.IsNetworkMAC usage
- lxd/network/driver/bridge: Adds volatile.bridge.hwaddr key
- shared/validate: Adds validate helper package
- lxd: Updates use of validate helper functions now in validate package
- shared: Removes validate helper functions
- lxd/device/device/utils/infiniband: Changes infinibandValidMAC to use net.ParseMAC
- lxd/device/device/utils/infiniband/test: Changes test name for linter
- lxd/networks: Allow update/removal of node-specific key in non-clustered mode
- lxd/network/driver/bridge: Adds safety check for volatile MAC address usage
- lxd/device: fix empty error message when tc fails
- test: Wait for operations to be removed from the database
- shared/validate: Adds Optional() validate wrapper
- shared/validate: Makes IsInt64 non-optional
- lxd/network/driver/bridge: Add validate.Optional() wrapper for validate.IsInt64 usage
- lxd/storage/utils: Adds validate.Optional() wrapper for validate.IsInt64 usage
- shared/instance: Adds validate.Optional() wrapper for validate.IsInt64 usage
- lxd/device/device/utils/network: Removes networkValidVLAN
- shared/validate: Adds IsNetworkVLAN
- lxd/device/nic: validate.IsNetworkVLAN usage
- seccomp: switch from individual pread() to process_vm_readv()
- seccomp: fix i386 builds
- seccomp: ensure that target process is still valid
- client: Move proxyMigration
- lxd: Port remaining calls to instance
- lxd/network/driver/common: Adds Create function no-op
- lxd/network/network/interface: Adds Create function
- lxd/networks: Adds call to network Create in doNetworksCreate
- lxd/device/device/utils/network: Adds networkDHCPValidIP
- lxd/device/nic/bridged: Removes networkDHCPValidIP
- lxd/device/device/utils/networks: Splits networkSetupHostVethDevice into multiple functions
- lxd/device/nic/bridged: networkVethFillFromVolatile usage and other host-veth functions
- lxd/device/nic/p2p: networkVethFillFromVolatile usage and other host-veth helper functions
- lxd/device/nic/routed: networkVethFillFromVolatile usage and other host-veth helper functions
- lxd/network/network/utils: Updates isInUseByDevices to support networks that don't match their physical parent
- lxd/device: Add missing sriov type
- lxc/move: Allow --target with cluster destination
- i18n: Update translation templates
- lxd/networks: Validate network config before starting networks on startup
- lxd/network/driver/common: Call init() in update() to consistency apply new internal state
- lxd/device/device/utils/network: Removes networkDHCPValidIP
- lxd/dnsmasq/dhcpalloc: Adds static DHCP allocation package for dnsmasq
- lxd/dnsmasq: Renames DHCPStaticIPs to DHCPStaticAllocation
- lxd/dnsmasq: Renames DHCPAllocatedIPs to DHCPAllAllocations
- lxd/network/network/utils: Removes GetIP
- lxd/network/network/utils: dhcpalloc.GetIP usage
- lxd/network/network/utils: dnsmasq.DHCPStaticAllocation usage
- lxd/network/network/interface: Changes of functions to accommodate dhcpalloc package
- lxd/network/driver/common: Implements default no-op function for non-dhcp enabled networks
- lxd/network/driver/common: dhcpalloc.DHCPRange usage
- lxd/network/driver/bridge: dhcpalloc package function usage
- lxd/network/driver/bridge: DHCPv4Subnet and DHCPv6Subnet implementations
- lxd/device/nic/bridged: Comment correction
- lxd/device/nic/bridged: n.DHCPv4Subnet and n.DHCPv6Subnet usage
- lxd/device/nic/bridged: dnsmasq.DHCPStaticAllocation usage
- lxd/device/nic/bridged: dhcpalloc.DHCPValidIP usage
- lxd/device/nic/bridged: Switches static DHCP allocation for IP filtering to dnsmasq/dhcpalloc
- lxd/main_activateifneeded: Clarify 'No DB' debug statements
- doc: s/container/instance/g
- doc/backup: Add note about the snap mntns
- lxd/apparmor: Don't fail on missing apparmor
- shared/validate: Makes IsUint32 non-optional
- lxd: Wraps validate.IsUint32 in validate.Optional
- shared/instance: Wraps validate.IsUint32 in validate.Optional
- shared/validate: Makes IsUint8 non-optional
- lxd/network/driver/bridge: Wraps validate.IsUint8 in validate.Optional
- shared/validate: Makes IsPriority non-optional
- shared/instance: Wraps validate.IsPriority in validate.Optional
- shared/validate: Makes IsBool non-optional
- lxd: Wraps validate.IsBool in validate.Optional
- shared/instance: Wraps validate.IsBool in validate.Optional
- shared/validate: Makes IsSize non-optional
- lxd: Wraps validate.IsSize in validate.Optional
- shared/instance: Wraps validate.IsSize in validate.Optional
- shared/validate: Makes IsNetworkAddress non-optional
- lxd: Wraps validate.IsNetworkAddress in validate.Optional
- shared/validate: Makes IsNetworkV4 non-optional
- lxd/network/driver/bridge: Wraps validate.IsNetworkV4 in shared.Optional
- shared/validate: Makes IsNetworkAddressV4 non-optional
- lxd/device/nic: Wraps validate.IsNetworkAddressV4 in validate.Optional
- lxd/network/driver/bridge: Wraps validate.IsNetworkAddressV4 in validate.Optional
- shared/validate: Makes IsNetworkAddressCIDRV4 non-optional
- lxd: Wraps validate.IsNetworkAddressCIDRV4 in validate.Optional
- shared/validate: Makes IsDeviceID non-optional
- lxd/device: Wraps validate.IsDeviceID in validate.Optional
- shared/validate: Makes IsNetworkV6 non-optional
- shared/validate: Makes IsNetworkAddressCIDRV6 non-optional
- lxd: Wraps validate.IsNetworkAddressCIDRV6 in validate.Optional
- shared/validate: Makes IsNetworkAddressV6 non-optional
- lxd: Wraps validate.IsNetworkAddressV6 in validate.Optional
- lxd/device/nic/routed: Wraps validate.IsNetworkAddressV4List in validate.Optional
- lxd: Wraps validate.IsNetworkV4List and validate.IsNetworkV6List in validate.Optional
- shared/validate: Tweaks IsNetworkVLAN error message ordering
- shared/validate: comment spacing
- daemon: check whether shiftfs is usable
- lxd/network/network/utils: Renames ValidNetworkName to validInterfaceName
- lxd/network/network/utils: Adds validVirtualNetworkName
- lxd/network/network/interfaces: Adds ValidateName
- lxd/network/driver/bridge: Implements ValidateName
- lxd/network/network/load: Adds ValidateName helper function
- lxd/main/init/interactive: Switches to network.ValidateName for bridge validation
- lxd/networks: Switches to network.ValidateName
- lxd/storage/utils: Simplifies error message from ValidName
- lxd/cluster/config: Fix import ordering of external package
- lxd/network/openvswitch: Name functions consistently using ObjectAction format
- lxd/network/driver/bridge: OVS function naming usage
- lxd/network/network/utils: OVS function naming usage
- lxd/network/network/interface: Adds ID() function
- lxd/network/driver/common: Implements ID() function
- lxd/resources: Fix total memory for per NUMA node
- lxd/rsync: Don't pass --bwlimit when no limits set
- client/operations: Fixes race conditions
- lxd/operations: Fixes race conditions
- client: More races fixed
- Makefile: Adds race target for enabling race detector
- Makefile: Correctly builds lxd-p2c and lxd-agent in debug and nocache targets
- client/operations: Race fix
- lxd/db: Adds mutex to fix races
- lxd/operations: Fixes races
- shared/validate: Adds IsURLSegmentSafe function
- lxd/network/driver/common: Adds common ValidateName function
- lxd/network/driver/bridge: Changes ValidateName to use common validation too
- lxd/network/network/load: Adds field name context to name validation errors
- lxd/network/network/utils: Removes validVirtualNetworkName
- lxd/networks: Returns network context on network startup failure
- shared/validate: Adds Required() and makes Optional() accept multiple validators
- test/suites/storage: LVM size tweaks
- lxd: enable safe native container terminal allocation
- exec: fix OpenPtyInDevpts()
- lxd/instance/drivers/driver/lxc: Adds nil check in getLxcState
- lxd/storage/locking: Moves package to lxd/locking
- lxd/locking: Renames variables to make them generic
- lxd/storage/drivers/utils: Adds OperationLockName function
- lxd/storage: locking.Lock usage with OperationLockName wrapper
- lxd/network/driver/bridge: Don't allow stable volatile MAC with fan network
- lxd/network/driver/bridge: Don't allow hwaddr to be set in fan mode
- seccomp: update comment about blocking the new mount api
- syscall_numbers: fix pidfd_open() definition
- lxd_seccomp: add SECCOMP_IOCTL_NOTIF_ADDFD definitions and types
- checkfeature: check for seccomp notify fd injection feature
- syscall_numbers: add pidfd_getfd()
- syscall_numbers: add bpf()
- seccomp: report helpful errors when determining support for features
- seccomp: handle liblxc sending the notify fd as part of the seccomp message
- syscall_numbers: add close_range()
- exec: switch to close_range() syscall
- process_utils: remove faulty license
- lxd/apparmor/dnsmasq: Add binary for nesting
- lxd/storage/drivers/ceph: Fix volume deletion
- lxd/instance/drivers/driver/qemu: Fix race in onStop getting operation
- lxd/db: Fix premature failure when listing cluster volumes
- lxd/db/storage_volumes: Add comments regarding behaviour
- doc/production-setup: Fix escaping
- doc/production-setup: Update introduction
- lxd: Fix automatic storage volume snapshots
- cluster: Don't upgrade nodes without raft role concurrently
- lxd/network/network/load: Moves fillAuto logic into per-driver fillConfig function
- lxd/network/utils: Moves fillAuto into bridge's fillConfig function
- lxd/network/network/utils: Adds randomHwaddr function
- lxd/patches: Adds patch to remove volatile.bridge.hwaddr network key
- lxd/network/bridge/driver: Removes volatile.bridge.hwaddr and adds stable MAC generation
- shared/usbid: Don't auto-load
- lxd/resources: Load USB database
- lxd/apparmor: Move dnsmasq functions
- lxd/apparmor: forkdns profile
- lxd/sys: Add unpriv uid/group
- lxd/instances: Update for OS type change
- shared/subprocess: s/Pid/PID/
- shared/subprocess: Add credentials
- lxd/network: forkdns and creds drop for forkdns
- lxd/network: Run dnsmasq as unpriv group
- lxd/device/device/common: Adds common contextual logger
- lxd/network/driver/bridge: Validates bridge.external_interfaces using validate.Optional() helper
- shared/validate: Adds network IP range validators
- lxd/network/driver/bridge: Adds DHCP IP range validation
- shared/network/ip: Defines IPRange struct
- lxd/dnsmasq/dhcpalloc: Removes DHCPRange and switches to shared.IPRange
- lxd/network: Replaces dhcpalloc.DHCPRange with shared.IPRange
- lxd/storage: Fix delete of remote pools
- lxd/storage/ceph: Allow for small size variation
試用環境 ¶
この新しい LXD リリースは私たちの デモサービス で利用できます。
ダウンロード ¶
このリリースの tarball は ダウンロードページ から取得できます。
ビルド済みバイナリーは次のように使えます:
- Linux: snap install lxd
- MacOS: brew install lxc
- Windows: choco install lxc
LXD 4.4 リリースのお知らせ¶
31st of July 2020
はじめに ¶
LXD チームは LXD 4.4 のリリースをお知らせできることにワクワクしています!
このリリースは、ユーザーの方々すべてに新しい機能を提供する非常に忙しいリリースのひとつになりました。クラスタリングとマルチユーザーのデプロイメントを大幅に改良し、今後さらにエキサイティングな機能を追加するための基盤になっています。
Enjoy!
新機能とハイライト ¶
仮想マシン向けの VGA コンソール ¶
LXD 4.3 では、QEMU の設定に、デフォルトの virtio-gpu デバイスと SPICE 通信チャンネルのサポートを追加しました。
このリリースでは、実際に仮想 GPU にアタッチして操作するための通信メカニズムとクライアントロジックが追加されました。
lxc launch もしくは lxc start に --console=vga を指定するか、lxc console に --type=vga を指定できます。これを使うには、クライアントシステム上で remote-viewer か spicy が利用できる必要があります。もしどちらもない場合は、SPICE ソケットがクライアント上にマッピングされ、パスが提供されます。
この API は LXD 自身の websocket コンソール API に基づいていますが、spice-html5 と互換性があるため、LXD にアクセスする Web インターフェースに使用できます。
クラスタリングの failure domain ¶
LXD はクラスターメンバーに対する failure domain のコンセプトを公開するようになりました。
これにより、どのシステムが同時にオフラインになりそうかを LXD データベースに伝えることができますので、リーダーを選出する際や、クラスターメンバーを別のデータベースロールに昇格させたりするときに、より良い決定を下せるようになります。
failure domain の例としては、物理システムの電源回路、仮想マシン上で LXD が実行されている場合のホストシステム、クラウドインスタンス上で LXD が実行されている場合のクラウドアベイラビリティゾーンやリージョンがあります。
root@nuc01:~# lxc cluster list +-------+----------------------------+----------+--------+-------------------+--------------+----------------+ | NAME | URL | DATABASE | STATE | MESSAGE | ARCHITECTURE | FAILURE DOMAIN | +-------+----------------------------+----------+--------+-------------------+--------------+----------------+ | nuc01 | https://172.17.16.140:8443 | YES | ONLINE | fully operational | x86_64 | pdu01 | +-------+----------------------------+----------+--------+-------------------+--------------+----------------+ | nuc02 | https://172.17.16.139:8443 | NO | ONLINE | fully operational | x86_64 | pdu02 | +-------+----------------------------+----------+--------+-------------------+--------------+----------------+
仮想マシンの /dev/lxd ¶
/dev/lxd API(英語サイト)が仮想マシンでも利用できるようになりました。
これはコンテナ内の場合と同じように動作します。しかし、イメージダウンロードの転送機能は利用できません。
デーモンの graceful シャットダウン ¶
これまでは、システムがシャットダウンされる際や LXD がアップデートされる際に、LXD がシャットダウンの指示を受けたときは、実行中のすべての操作が即座に中断されていました。
これはいくつかの不具合を引き起こしていました:
- いかなる lxc exec/console コマンドも即座に切断されていた
- イメージの更新が中断され、イメージが壊れたり失われたりする可能性があった
- マイグレーション中のインスタンスが、移行元サーバー上で停止したままの状態になっている可能性があった
新しいロジックは次のように処理しようとします:
- キャンセルできる操作はクリーンにキャンセルする
- 新しい操作の開始を防ぐ
- シャットダウン中のいかなる API 操作も防ぐ
- (exec/console のような)キャンセルできない操作を最大で 5 分待機する
残念ながら、lxc exec や lxc console のユーザーに数分後に切断されることを通知する良い方法はありません。どんな出力でも、その操作を妨げる可能性があるからです。しかし、5 分間の猶予時間は多くの場合で充分であり、現在の動作に比べて大きな改善になると考えています。
管理ネットワークの macvlan タイプと sriov タイプ ¶
管理ネットワークに、すでにある bridged に加えて新たにふたつのネットワークタイプが加わりました。
これは、macvlan もしくは sriov を使った管理ネットワークを定義し、(管理されたネットワークしか使えない)制限されたプロジェクトで使用できるようにすることができるようになったということです。
このように定義すると、MAAS サブネット、MTU、VLAN を事前に定義することができ、インスタンスごとに定義を繰り返し行う必要がありません。
これは、今後実装される仮想ネットワーク(OVN 経由)の外部レイヤーの基盤となります。これによりプロジェクトユーザーは、許可された管理ネットワークを使った独自のネットワークを、ホストシステムとコンフリクトする危険性なく構築できます。
root@lantea:~# lxc network create my-macvlan parent=enp11s0 --type=macvlan Network my-macvlan created root@lantea:~# lxc network create my-sriov parent=enp7s0 vlan=1017 --type=sriov Network my-sriov created root@lantea:~# lxc init images:ubuntu/20.04/cloud c1 Creating c1 root@lantea:~# lxc config device add c1 eth0 nic network=my-macvlan name=eth0 Device eth0 added to c1 root@lantea:~# lxc init images:ubuntu/20.04/cloud c2 Creating c2 root@lantea:~# lxc config device add c2 eth0 nic network=my-sriov name=eth0 Device eth0 added to c2 root@lantea:~# lxc start c1 c2 root@lantea:~# lxc list +------+---------+----------------------+-----------------------------------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +------+---------+----------------------+-----------------------------------+-----------+-----------+ | c1 | RUNNING | 172.17.16.224 (eth0) | 2001:470:b0f8:1016:1::dcba (eth0) | CONTAINER | 0 | +------+---------+----------------------+-----------------------------------+-----------+-----------+ | c2 | RUNNING | 172.17.17.241 (eth0) | 2001:470:b0f8:1017:1::c36d (eth0) | CONTAINER | 0 | +------+---------+----------------------+-----------------------------------+-----------+-----------+ root@lantea:~#
プロジェクト内のディスク使用量制限 ¶
最近、プロジェクトに対する制限(limit)と制約(restriction)が設定できるようになり、信頼できないユーザーが LXD を安全に使えるようになりました。その後、プロジェクトに欠けていた機能として、プロジェクトがディスクスペースのないホストシステムを実行できていたことがあります。
これは、新たに追加された limits.disk 設定キーがプロジェクトで利用可能になり、プロジェクトに対してトータルのディスク使用量を制限できるようになったことで問題ではなくなりました。
これはすべてのプロジェクトのインスタンス、イメージ、カスタムストレージボリュームに対して適用されます。
dnsmasq に対する AppArmor 制限 ¶
AppArmor サポートが拡張され、インスタンスに対する保護だけでなく、LXD が操作する他のサービスも保護するようになりました。
最初のこのような外部サービスは dnsmasq です。ネットワークごとの AppArmor プロファイルで実行されるようになりました。
LXD が起動する、長時間実行しつづけるプロセスのすべてをカバーするように、forkdns、forkproxy、qemu についても同様のプロファイルを追加する予定です。
リソース API の GPU 媒介(mediated)デバイス ¶
LXD は GPU の媒介デバイスを検出するようになりました。
これは Intel と NVIDIA の一部のデバイスでサポートされています。そして複数のプロファイルから選択できる物理デバイス上に仮想デバイスを作成できます。作成したデバイスは、仮想マシンの VFIO として使用できます。
現時点では、LXD は媒介デバイスを検出して表示するだけで、まだ仮想マシンでそれらを使用できません。
stgraber@castiana:~$ lxc query /1.0/resources | jq .gpu.cards
[
{
"driver": "i915",
"driver_version": "5.4.0-42-generic",
"drm": {
"card_device": "226:0",
"card_name": "card0",
"control_device": "226:0",
"control_name": "controlD64",
"id": 0,
"render_device": "226:128",
"render_name": "renderD128"
},
"mdev": {
"i915-GVTg_V5_4": {
"api": "vfio-pci",
"available": 0,
"description": "low_gm_size: 128MB\nhigh_gm_size: 512MB\nfence: 4\nresolution: 1920x1200\nweight: 4",
"devices": []
},
"i915-GVTg_V5_8": {
"api": "vfio-pci",
"available": 1,
"description": "low_gm_size: 64MB\nhigh_gm_size: 384MB\nfence: 4\nresolution: 1024x768\nweight: 2",
"devices": [
"7c43babb-cf2a-403c-ae5a-7c45aeb5fb2f"
]
}
},
"numa_node": 0,
"pci_address": "0000:00:02.0",
"product": "HD Graphics 620",
"product_id": "5916",
"vendor": "Intel Corporation",
"vendor_id": "8086"
}
]
lxc launch の --console オプション ¶
LXD 4.3 で lxc start と lxc restart に --console オプションが追加されました。このバージョンで、lxc launch でもインスタンスのコンソールにすばやくアクセスできるようになりました。
すべての変更点(翻訳なし) ¶
このリリースでのすべての変更点のリストは次のとおりです:
- lxd/cluster: Leverage RolesChanges.Handover() to choose handover target
- lxd: Increase timeout of go unit tests when ran from Emacs
- lxd/cluster: Skip unnecessary loading of nodes from database in Rebalance()
- lxd/cluster: Leverage RolesChanges.Adjust() to choose rebalance target
- lxd/cluster: Increase time budget of client.Assign() when assigning voter role
- lxd/cluster: When demoting to Spare only transition to StandBy if Voter
- lxd/project: Add more name checks
- doc/server: Cover listen + authentication
- lxd/db: Add failure_domains table and nodes column reference
- lxd/qemu: Don't do file lock on custom volumes
- lxd/db: Add UpdateNodeFailureDomain() and GetNodesFailureDomains()
- lxd/cluster: Honor failure domains when changing roles
- shared/version: Add clustering_failure_domains extension
- shared/api: Add FailureDomain field to ClusterMemberPut
- lxd/cluster: Populate FailureDomain field when listing cluster members
- lxd: Support changing failure domain in PUT /1.0/cluster/
- client: Check clustering_failure_domains extension when updating a member
- doc: Add documentation about failure domains
- lxc: Add failure domain column in "lxc cluster list" output
- make i18n
- test: Add new clustering_failure_domains test case
- instance: update terminology I
- lxd/network: Validate ipv4/ipv6 routes
- lxd/proxy: Fix govet
- lxd/rsync: Add AtLeast
- lxd/rsync: Filter out security.selinux
- lxd-p2c: Filter out security.selinux
- lxc-to-lxd: Filter out security.selinux
- lxc/launch: Add --console
- instance: introduce container_syscall_filtering_allow_deny extension
- tests: remove trailing comma
- lxd/instance/drivers: Provide instance-data file
- lxd-agent: Support /dev/lxd
- lxd/instance/drivers: Allow updating running VMs
- tests: Fix bad ipv6.routes value
- lxc/instance/drivers/qemu: Support ephemeral VMs
- lxd/qemu: Use memory backend ram/file
- lxc/image: Fix dir handling on snap
- lxd/qemu: Fix crash on non-pinned VM
- lxc/image: Fix more dir handling on snap
- terminals: update terminology again
- doc/instances: Improves proxy docs
- lxc/main_alias: Handle leading arguments
- lxd/storage: Fix block volume migration
- lxd/rbac: Always allow internal cluster traffic
- units: handle multiplication integer overflow
- lxd/rsync: Untangle from daemon package
- lxd/qemu: Don't use file.locking with rbd
- lxd/storage/zfs: Use autotrim when available
- lxd: Add clustering_fix_raft_address_zero patch to fix node with "0" as address
- lxd/resources: Use udev model data if available
- Decode error
- doc/api-extensions: Fix escaping
- share/api: Add GPU mdev
- lxd/resources: Add GPU mdev
- api: Add GPU mdev
- lxd/qemu: Fix unbound hugepages
- lxd/qemu: Properly connect memory
- api: console_vga_type
- doc/rest-api: Add type field to console
- shared/api: Add Type field to InstanceConsolePost
- lxd/instance: Add protocol argument to Instance.Console()
- lxd/instance/drivers: Support VGA output in qemu.Console()
- lxd: Handle "vga" type in console API handler
- client: Add ConsoleInstanceDynamic() to support multiple websocket connections
- lxc: Add --type flag to "lxc console"
- i18n: Update translation templates
- lxc/console: Missing error handling
- i18n: Update translations from weblate
- lxc/console: Prefer remote-viewer
- lxc: Populate cmdConsole.flagType also when ran manually
- lxc/console: Short argument for type
- lxc: Allow using --console=TYPE
- lxd/images: Rename imgPostContInfo to imgPostInstanceInfo
- lxd/instances: Return and set image properties
- lxd/qemu: Add support for spice agent
- lxd/main_daemon: s/containers/instances/
- lxd: s/containersShutdown/instancesShutdown/
- lxd: Add context to daemon
- lxd/operations: Add db operation type to Operation
- lxd: Add waitForOperations()
- lxd: Shut down gracefully
- lxd/operations/operations: Fix hanging cancellation
- lxd/instance_post: Pass cancel function to websocket operation
- client/lxd_instances: Cancel websocket op if needed
- lxc/console: Disconnect on shutdown
- lxd/daemon: Return 503 when shutting down
- lxd/db: Drive-by removal of leftover fmt.Printf's
- doc/api-extensions: Fix over-escaping
- lxc/network: Adds flagType to cmdNetwork
- shared/instance: Move network validation functions to shared
- lxd/db/cluster: Adds type field to networks table
- lxd/db/networks: Adds internal network type constants
- lxd/db/networks: Updates CreateNetwork to accept a network type
- lxd/db/networks: Updates CreatePendingNetwork to accept a network type
- lxd/db/networks: Populate network type in getNetwork
- lxd/network/network/interface: Adds network interface
- lxd/network/network/load: LoadByName to use Network interface, add Validate
- lxd/network/errors: Adds error constants
- lxd/network/network/utils: Moved validation functions from main package
- lxd/network/driver/common: Adds common driver
- lxd/network/driver/bridge: Renames network to driver_bridge
- lxd/networks/utils: Remove unused network validation functions in main
- lxd/device/device/utils/network: Removes unused validation functions
- lxd/device/device/utils/proxy: shared.IsNetworkAddress usage
- lxd/device/nic: shared validation function usage
- lxd/device/nic/bridged: Support Network interface
- lxd/device/nic/ipvlan: shared validation function usage
- lxd/device/nic/routed: shared validation function usage
- lxd/main/init/interactive: Uses network name validation from network package
- lxd/networks: ValidNetworkName usage in networkPost
- lxd/networks: Updates doNetworkUpdate to use network package validation
- lxd/networks: Updates networksPost to support network type
- lxd/networks: Remove use of network.IsRunning in networkShutdown
- lxd/networks/config: Removed
- lxd/networks/utils: Updates usage of n.RefreshForkdnsServerAddresses to generic n.HandleHearbeat
- i18n: Update translation templates
- lxd: Updates network tests to pass netType
- lxd/network/network/utils: Unexports usesIPv4Firewall and usesIPv6Firewall
- lxd/network/driver/bridge: usesIPv4Firewall and usesIPv6Firewall usage
- lxd: Add --force flag to lxd shutdown
- lxd/apparmor: Use templating
- lxd/apparmor: Use proper version parsing
- shared/version: Add projects_limits_disk extension
- doc: Document limits.disk project configuration key
- lxd: Add "limits.disk" to supported project config keys
- lxd/project: Check that root disk sizes are within limits.disk
- lxd/project: Add projectInfo struct to hold together project's extra info
- lxd/db: Add GetCustomVolumesInProject() to fetch custom volumes in a project
- lxd/project: Fetch the project's custom volumes
- lxd/project: Consider custom volumes sizes in checkAggregateLimits
- lxd/project: Add AllowVolumeCreation() to check limits upon volume creation
- lxd: Call project.AllowVolumeCreation() before creating custom volumes
- lxd/project: Add AllowVolumeUpdate() to check custom volumes config updates
- lxd: Call project.AllowVolumeUpdate() before modifying a custom volume
- shared: Add QuotaWriter
- lxd/project: Add GetImageSpaceBudget() returning image disk space budget
- lxd: Possibly limit the disk space that can be used by POST /1.0/images
- lxd/network/driver/common: Adds config diff and db update common functions
- lxd/network/driver/common: Adds contextual logger
- lxd/network/driver/common: Removes stuttering on "common" in validation rules function
- lxd/network/driver/bridge: Updates to use contextual logger
- lxd/network/driver/bridge: Simplifies Update function to use common update functions
- lxc/networks: Renames notify to clusterNotification in doNetworkUpdate
- lxd/network/network/interface: Clarifies Update arguments
- lxd/network/network/interface: Renames Delete withDatabase arg to clusterNotification
- lxd/network/driver/common: Adds common delete function
- lxd/networks: Cleans up networksPost to use clusterNotification argument correctly
- lxd/networks: Log quoting in networksPostCluster
- lxd/networks: Cleans up doNetworksCreate to use clusterNotification argument
- lxd/network/driver/bridge: Updates Delete to use common delete function
- lxd/network/driver/bridge: Adds logging to Update
- lxd: Check available project budget when publishing an instance as image
- lxd/project: Fill missing fields when checking instance creation
- lxd/project: Skip checks when unsetting limits
- lxd/networks: Removes bridge specific logic in doNetworkUpdate
- lxd: Honor project disk budget when downloading images
- lxd/network/driver/bridge: Adds fan auto detection logic to Update
- lxd/network/driver/common: Adds rename common function
- lxd/network/driver/bridge: Updates Rename to use common rename function
- lxd/networks: networkPost logging quoting
- test: Add tests for the "limits.disk" project config key
- lxc/network/driver/bridge: isRunning comment
- lxd/network/driver/bridge: Unexports hasIPv4Firewall and hasIPv6Firewall
- lxd/networks: Detect unknown network type in networksPost, dont assume bridge
- lxd/networks: comment fix in networksPostCluster
- lxd/db/network: Provide way to identifty unknown network type in getNetwork
- lxd/networks: Allow for different managed network types in doNetworkGet
- lxd/network/network/interface: Adds fillConfig to interface
- lxd/network/driver/common: Adds default fillConfig function
- lxd/network/driver/common: Adds default HandleHeartbeat function
- lxd/network/network/load: Adds per-driver FillConfig wrapper
- lxd/network/network/utils: Removes generic FillConfig
- lxd/network/driver/bridge: fillConfig implementation
- lxd/network/driver/bridge: Exposes error message from ValidNetworkName in Validate
- lxd/sys: Create apparmor/seccomp paths
- lxd/apparmor: Split and rename instance functions
- lxd/resources/storage: Use ID_MODEL_ENC when possible
- shared: Add InSnap
- shared/subprocess: Add AppArmor support
- lxd/apparmor: Rename template
- lxd/apparmor: Add dnsmasq profile
- lxd/networks: Use AppArmor when available
- tests: Delete leftover storage volume
- lxd/operations/operations: Renames Operations to Clone
- lxd-agent/operations: operations.Clone() usage
- lxd: operations.Clone() usage
- Drop from .travis.yaml Go versions we don't support anymore
- shared/api/network: Adds network status constants
- lxd/networks: API constant usage in networkDelete
- lxd/network/network/load: Adds status
- lxd/network/network/interface: Adds status function
- lxd/network/driver/common: Adds status field and function
- lxd/network/driver/bridge: Don't allow starting a pending network
- lxd/device/nic/bridged: Usage of d.state.Cluster.GetNetworkInAnyState in rebuildDnsmasqEntry
- lxd/api/cluster: Usage of api.NetworkStatusPending
- lxd/db/networks: Usage of api package's NetworkStatus constants in getNetwork
- lxd/db/networks: Removes unused GetNetwork
- lxd/db/networks: GetNonPendingNetworks comment
- lxd/db/networks: Allow pending nodes to be added to errored networks in CreatePendingNetwork
- lxd/db/networks: CreatePendingNetwork comments and line spacing
- lxd/networks/utils: Skip network load error in networkUpdateForkdnsServersTask
- lxd/device/nic/bridged: Validates network is type bridge
- lxc/device/nic/bridged: Only allow using non-Pending networks
- lxd/networks: Various comment and error quoting consistency fixes
- lxd/networks: Validate network name earlier in networksPost
- lxc/networks: Validate config in doNetworksCreate
- lxd/db/networks: Ensure that network type matches existing pending network in CreatePendingNetwork
- lxd/db/networks: Remove errored state on successful update in UpdateNetwork
- lxd/network/driver/bridge: Adds targetNode arg to Update
- lxd/network/network/interface: Adds targetNode arg to Update
- lxd/network/driver/common: Tweaks to update function in cluster environment
- lxd/networks: networksPost error response tweaks
- lxd/networks: Updates networksPostCluster
- lxd/networks: Unifies networkPut and networkPatch
- lxd/device/nictype: Adds small package to resolve NIC device nictype from network
- lxd/device/config/devices: Removes NICType
- lxd/device/config/devices: Improves comment on Update
- lxd/device/device/load: Removes devTypes map and updates load to use NICType function
- lxd/device: Removes device load helpers
- lxd/device/device/utils/network: nictype.NICType usage
- lxd/device/nic/bridged: Updates usage of functions whose signatures changed due to NICType
- lxd/device/nic/p2p: Updates usage of functions that changed signature due to NICType
- lxd/device/proxy: nictype.NICType usage
- lxd/instance/drivers/driver/lxc: nictype.NICType usage
- lxd/instance/drivers/driver/qemu: nictype.NICType usage
- lxd/network/driver/bridge: Usage of functions that changed signature due to NICType
- lxd/network/driver/common: Updates IsUsed for NICType signature changes and checks for profile usage
- lxd/network/network/interface: Signature change of IsUsed to accommodate NICType
- lxd/network/network/utils: Usage of nictype.NICType and signature changes to accommodate it
- lxd/networks: nictype.NICType usage and comment improvements
- lxd/networks: Comment ending consistency
- test: Updates tests to delete profiles before networks
- doc: Updates clustering docs with network parent optional per-node key
- lxd/db/networks: Adds parent as optional per-node network key
- lxd/db/networks: Adds constant for NetworkTypeMacvlan
- lxd/network/network/load: Adds macvlan driver as supported network type
- lxd/networks: Adds macvlan support to networksPost
- lxd/network/driver/macvlan: macvlan driver implementation
- lxd/device/nic/macvlan: Adds support for network config key
- lxd/device/nic/macvlan: Only allow non-pending networks to be used
- test: Adds macvlan network test
- lxd: Adds NetworkTypeSriov constant and conversion handling
- lxd/network: Adds sriov driver
- lxd/networks: Remove database record on error in networksPost
- lxd/device/nic/sriov: Adds network key support
- lxd/device/nictype: Adds sriov support
- test: sriov NIC comment ending consistency
- test: sriov network test
- doc/networks: Re-arranges network docs to support different types
- doc/networks: Adds doc for macvlan and sriov networks
- doc/instances: Updates macvlan and sriov NIC to indicate network support
- doc/networks: Fixes typo
- doc/networks: Adds example usage of --type flag
- lxd/network/openvswitch/ovs: Adds OVS wrapper
- lxd/device/nic/bridged: ovs.PortSet usage
- lxd/network/driver/bridge: ovs usage
- lxd/network/network/utils: ovs usage
- lxd/networks: ovs.BridgeExists usage
- api: Adds network_type_macvlan extension
- api: Adds network_type_sriov extension
- tree-wide: add dummy include package for cgo
- doc/images: Cover the various image servers
- doc: Typo fix
- lxd/networks: Fixes bug in doNetworkUpdate that prevents removal of non-node specific keys
- lxd/network/driver/bridge: Consistent comment ending in setup()
- lxd/network/network/interface: fillConfig signature
- lxd/network/driver/common: Updates fillConfig signature
- lxd/network/driver/bridge: Updates fillConfig signature
- lxd/network/network/load: Updates FillConfig to use new signature
- lxd/network/driver/bridge: Fixes Update to regenerate default values if missing
- test/suites/container/devices/nic/bridged: Fixes DHCP disable by setting IP address none
- lxd/network/driver/bridge: Dont fail start if cannot restore third party route
- lxd/migrate: Fix crash in sendControl when no active connection
- lxd/operations: Fix typo
- lxc/export: Plug in cancelable wait
- i18n: Update translation templates
- lxd/devices/device/utils/network: Removes networkValidMAC
- shared/instance: Adds IsNetworkMAC for use in network and device packages
- lxd/device/nic: shared.IsNetworkMAC usage
- lxd/network/driver/bridge: Adds volatile.bridge.hwaddr key
- shared/validate: Adds validate helper package
- lxd: Updates use of validate helper functions now in validate package
- shared: Removes validate helper functions
- lxd/device/device/utils/infiniband: Changes infinibandValidMAC to use net.ParseMAC
- lxd/device/device/utils/infiniband/test: Changes test name for linter
- lxd/networks: Allow update/removal of node-specific key in non-clustered mode
- lxd/network/driver/bridge: Adds safety check for volatile MAC address usage
- lxd/device: fix empty error message when tc fails
- test: Wait for operations to be removed from the database
- shared/validate: Adds Optional() validate wrapper
- shared/validate: Makes IsInt64 non-optional
- lxd/network/driver/bridge: Add validate.Optional() wrapper for validate.IsInt64 usage
- lxd/storage/utils: Adds validate.Optional() wrapper for validate.IsInt64 usage
- shared/instance: Adds validate.Optional() wrapper for validate.IsInt64 usage
- lxd/device/device/utils/network: Removes networkValidVLAN
- shared/validate: Adds IsNetworkVLAN
- lxd/device/device/utils/network: validate.IsNetworkVLAN usage
- lxd/device/nic: validate.IsNetworkVLAN usage
- lxd/network/driver: Adds mtu and vlan support for macvlan and sriov network types
- lxd/device/nic: Inherit mtu and vlan settings from network for macvlan and sriov NICs
- doc/networks: Adds mtu and vlan options for macvlan and sriov network types
- seccomp: switch from individual pread() to process_vm_readv()
- seccomp: fix i386 builds
- seccomp: ensure that target process is still valid
- client: Move proxyMigration
- lxd: Port remaining calls to instance
- lxd/network/driver/common: Adds Create function no-op
- lxd/network/network/interface: Adds Create function
- lxd/networks: Adds call to network Create in doNetworksCreate
- lxd/device/device/utils/network: Adds networkDHCPValidIP
- lxd/device/nic/bridged: Removes networkDHCPValidIP
- lxd/device/device/utils/networks: Splits networkSetupHostVethDevice into multiple functions
- lxd/device/nic/bridged: networkVethFillFromVolatile usage and other host-veth functions
- lxd/device/nic/p2p: networkVethFillFromVolatile usage and other host-veth helper functions
- lxd/device/nic/routed: networkVethFillFromVolatile usage and other host-veth helper functions
- lxd/network/network/utils: Updates isInUseByDevices to support networks that don't match their physical parent
- i18n: Update translations from weblate
試用環境 ¶
この新しい LXD リリースは私たちの デモサービス で利用できます。
ダウンロード ¶
このリリースの tarball は ダウンロードページ から取得できます。
ビルド済みバイナリーは次のように使えます:
- Linux: snap install lxd
- MacOS: brew install lxc
- Windows: choco install lxc
LXD 4.3 リリースのお知らせ¶
1st of July 2020
はじめに ¶
LXD チームは LXD 4.3 のリリースをお知らせできることにワクワクしています!
このリリースは、特に仮想マシンの使用における多数の改良を行っています。また、クラスターユーザー向けのかなりの数のバグ修正と一般的なパフォーマンスの改良が含まれています。
Enjoy!
新機能とハイライト ¶
カスタムのブロックストレージボリューム ¶
これまで、カスタムストレージボリュームはすべてファイルシステムでした。それをサポートするストレージバックエンド上のディレクトリ・サブボリューム・データセット、または他のバックエンド上のフォーマットされたブロックのいずれかでした。
LXD が仮想マシンをサポートするようになりましたので、(以前から可能であった 9p を使った)従来のボリューム上のファイルシステムを仮想マシンにアタッチできるのと同様に、追加の RAW ディスクを仮想マシンにアタッチできるようにする必要性がでてきました。
これによりブロックのカスタムストレージボリュームが使えるようになりました。
stgraber@castiana:~$ lxc storage volume create default my-fs size=10GiB Storage volume my-fs created stgraber@castiana:~$ lxc storage volume create default my-block size=10GiB --type=block Storage volume my-block created stgraber@castiana:~$ lxc storage volume list default +-----------------+------------------------------------------------------------------+-------------+--------------+---------+ | TYPE | NAME | DESCRIPTION | CONTENT TYPE | USED BY | +-----------------+------------------------------------------------------------------+-------------+--------------+---------+ | custom | my-block | | block | 0 | +-----------------+------------------------------------------------------------------+-------------+--------------+---------+ | custom | my-fs | | filesystem | 0 | +-----------------+------------------------------------------------------------------+-------------+--------------+---------+ | image | a4dc839edd35d50158d57818938775669265a3af004bd93b8281115ee0abd29d | | block | 1 | +-----------------+------------------------------------------------------------------+-------------+--------------+---------+ | virtual-machine | f1 | | block | 1 | +-----------------+------------------------------------------------------------------+-------------+--------------+---------+ stgraber@castiana:~$ lxc config device add f1 my-fs disk source=my-fs pool=default path=/srv/my-fs Device my-fs added to f1 stgraber@castiana:~$ lxc config device add f1 my-block disk source=my-block pool=default Device my-block added to f1 stgraber@castiana:~$ lxc start f1 stgraber@castiana:~$ lxc exec f1 bash root@f1:~# gdisk -l /dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_lxd_my-block GPT fdisk (gdisk) version 1.0.5 Partition table scan: MBR: not present BSD: not present APM: not present GPT: not present Creating new GPT entries in memory. Disk /dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_lxd_my-block: 20971520 sectors, 10.0 GiB Sector size (logical/physical): 512/512 bytes Disk identifier (GUID): EA616112-9C49-4809-AA68-53895E752A34 Partition table holds up to 128 entries Main partition table begins at sector 2 and ends at sector 33 First usable sector is 34, last usable sector is 20971486 Partitions will be aligned on 2048-sector boundaries Total free space is 20971453 sectors (10.0 GiB) Number Start (sector) End (sector) Size Code Name root@f1:~# df -h /srv/my-fs/ Filesystem Size Used Avail Use% Mounted on lxd_my-fs 10G 128K 10G 1% /srv/my-fs root@f1:~#
VM: グラフィカルコンソールの初期作業 ¶
すべての LXD VM で virtio-gpu と virtio-input デバイスがすぐに使える状態になりました。同様にローカルの Unix ソケットに接続されている spice チャンネルも使える状態になっています。
現状、spicy のようなクライアントを使ってソケットに直接接続できます。しかし、すぐに LXD で lxc console を使った websocket 経由でリモートアクセスできるようになるでしょう。
VM: PCIe レイアウトの見直し ¶
VM に公開している全 virtio デバイスが確実に PCIe バス上にあるようにし、スロットの数を節約するために可能な限りデバイスはファンクションにマージするようにしました。
また、ネットワークデバイスは常に同じスロットに表示され、ハードウェアベースのネーミングが有効なときは一定の名前が得られるようなロジックが導入されています。
VM: GPU パススルー ¶
gpu タイプのデバイスを VM にアタッチし、VFIO 経由で物理 GPU を与えることができるようになりました。ホストと GPU を共有できるコンテナとは違い、VM では共有できないことに注意してください。
lxc start と lxc restart での直接のコンソールアタッチ ¶
単一のインスタンスを扱う場合、lxc start と lxc restart で --console オプションを指定できるようになりました。これにより、コマンドラインからすぐにコンソールにアタッチできるようになり、インスタンスのブートシーケンスを見ることができるようになります。
リソース API での Isolated CPU の表示 ¶
新たに、/1.0/resources API の全 CPU スレッドに isolated フィールドが追加されました。もし特定のスレッドが isolated な CPU と設定されている場合、このフィールドが true に設定されます。
これは通常はカーネルのコマンドラインで isolcpus= を指定してシステムを起動した場合に起こります。
すべての変更点(翻訳なし) ¶
このリリースでのすべての変更点のリストは次のとおりです:
- lxd/instance/drivers/driver/lxc: Adds debug logging to deviceStop
- lxd/instance/drivers/driver/lxc: Adds driver revert on failed start in startCommon
- lxd/instance/drivers/driver/qemu: Adds debug logging to deviceStop
- lxd/instance/drivers/driver/qemu: Simplifies failed start device cleanup in Start
- lxd/storage/drivers/driver/ceph/utils: Removes getRBDFilesystem
- lxd/storage/drivers/driver/ceph: Replaces use of d.getRBDFilesystem with vol.ConfigBlockFilesystem
- lxd/storage/drivers/volume: Adds ConfigBlockMountOptions function
- lxd/storage/drivers/driver/ceph/utils: Removes getRBDMountOptions in place of vol.ConfigBlockMountOptions()
- lxd/storage/drivers/driver/lvm/utils: Removes volumeMountOptions in place of vol.ConfigBlockMountOptions()
- lxd/storage/drivers: Replaces driver specific mount options resolution with vol.ConfigBlockMountOptions()
- lxd/rbac: Don't close body when missing
- doc/storage: Cover host/disk/loop setups
- lxd/init: Tweak default loop sizing
- lxd/vm: Rename some functions
- client: Expand snap path in ConnectLXDUnix
- lxd/vm: Add virtio-vga card
- lxd/vm: Add spice channel
- client: Fix ConnectLXDUnix regression
- lxd/vm: Fix PCIe slot for physical/sriov nic
- lxd/network: Make setting bridge VLAN filtering & default PVID optional
- lxd/instance/drivers/driver/qemu: Integrates built in GPU device PCI range with future passthrough GPU devices
- lxd/instance/drivers/driver/qemu/templates: Updates built in GPU device to use GPU address range prefix
- lxd/vm: Move to separate devices
- lxd/vm: Remove tiny wrapper functions
- lxd/vm: Per-architecture bus type
- add type to specify the instance type on creation Signed-off-by: Salem Yaslem s@sy.sa
- lxd/vm: Centralize port generation
- lxd/device: Sort nic devices ahead of others
- lxd/device/device/utils/generic: Adds PCI management functions for overriding driver
- lxd/device/device/utils/network: Removes network specific PCI bind/unbind functions
- lxd/device/nic/physical: Updates to use generic PCI management functions
- lxd/device/nic/sriov: Updates to use generic PCI management functions
- lxd/vm: Separate template keys in global/local
- lxd/vm: Use virtio-gpu-pci on non-x86
- lxd/vm: Rename qemuVGA to qemuGPU
- lxd/vm: Add virtio-input keyboard/mouse
- lxd/vm: Move bus allocator to own file
- lxc/volume: Fix typo in help message
- i18n: Update translation templates
- lxc/snapshot: Allow using snapshot delimiter
- i18n: Update translation templates
- doc/instances: Updates GPU device docs to show VM support
- lxd/device/gpu: Updates validation for VM support
- lxd/device/config/device/runconfig: Adds GPU field to RunConfig
- lxd/device/device/utils/generic: pciDeviceDriverOverride only check for driver binding if specified
- lxd/device/gpu: Adds VM GPU passthrough support
- lxd/instance/drivers/driver/qemu/templates: Consistent naming and casing for net dev templates
- lxd/instance/drivers/driver/qemu: Consistent net dev naming usage
- lxd/instance/drivers/driver/qemu/templates: Adds qemuGPUDevPhysical template
- lxd/instance/drivers/driver/qemu: Adds GPU passthrough support
- lxd/instance/drivers/driver/qemu/bus: Adds comments, clarifies var names, and constants for defined multi-function groups
- lxd/instance/drivers/driver/qemu: Switches to multi-function group constants and adds comments
- lxd/instance/drivers/qmp/monitor: Allow serial char device name to be passed in
- lxd/instance/drivers/driver/qemu: Defines qemuSerialChardevName to share with qemu and qmp
- lxd/instance/drivers/driver/qemu: qemuSerialChardevName usage
- lxd/instance/drivers/driver/qemu/templates: Add serial chardev name injection
- lxd/storage/quota/projectquota: Only set quota on directories and regular files
- lxd/db: Automatically strip ?project=default
- lxc/action: Properly handle --all with remotes
- lxd/projects: Properly clear empty keys
- lxd/db: Add missing feature to default project
- lxd/instance/drivers/driver/qemu: Pass-through GPU VGA mode status from host
- lxd/storage/drivers/driver/zfs/volumes: Remove snapshot when migrating as main volume
- lxd/cluster/heartbeat: Fix race in HeartbeatNode
- lxc/console: Split Console to own function
- lxc/start: Allow direct console attach
- i18n: Update translation templates
- lxd/instance/drivers/driver/qemu: Only enable GPU vga mode on x86_64 systems
- lxd/resources: Fix golint warning
- doc/api-extensions: Fix escaping
- api: resource_cpu_isolated
- lxd/resources: Add Isolated property
- lxd/resources: Don't use shared
- lxd/devices: Use resources for cpuset parsing
- lxc: Don't over-escape URLs
- lxd: Don't over-escape URLs
- lxd/db/storage: Rework UsedBy for pools
- lxd/instance/drivers/driver/qemu: Adds trans=virtio to 9p mounts
- lxc/action: Also add --console to restart
- lxd/resources/net: More flexible PCI detection
- lxc/query: Add path check
- i18n: Update translation templates
- tests: Fix bad lxc query call
- lxd/storage-pools: Tweak UsedBy URLs
- lxd/networks: Reports profiles in UsedBy
- lxd/db: Tweak joins
- lxd/db: Fix UsedBy on projects
- lxd/storage_volumes: Fix UsedBy
- api: usedby_consistency
- lxd-agent/main/agent: Fix 9p mount when relative target path is supplied
- test: Updates udhcpd args to ensure process quits one lease acquired
- util_linux: update terminology
- lxd: Fix snapshot index retrieval
- lxd/backups: Use backups dir for unpack
- lxd/vm: Add udev rule fallback
- lxd/images: Set arch names when downloading
- lxd: More flexible compression algorithms
- tests: Add test for compression options
- doc/rest-api: Rename rootfs to root
- doc/rest-api: Fix instance PATCH example
- lxd: Fix building with clang
- lxd/db: Add missing criteria for querying a specific public image
- lxd/db: Add the Errored storage state when rendering the Status field
- lxd/cluster: If raft node 1 gets remove during recovery, add it back
- lxd/db: Make GetNework() return an error if the network is pending
- lxd/db: Rename NetworkCreatePending to CreatePendingNetwork
- lxd/db: Make GetStoragePool() return an error if the pool is pending
- lxd/db: Rename StoragePoolCreatePending to CreatePendingStoragePool
- lxd/firewall: Filter unwanted ethernet frame types when IP filtering is enabled
- lxd/storage/drivers: Bump VM fs size to 100MB
- lxd/db: Fix UsedBy for profiles on storage pools
- lxd/storage: Use Truncate to create/grow VM files
- lxd/db: Consider personalities in GetNodeWithLeastInstances
- lxd/db: Avoid test failure in arch matching
- lxd/storage: Better handle broken volumes
- client: Handle unknown image sizes
- lxd/response: Stream multi-part responses
- lxd/device/disk: Fixes cloud-init errors for VMs
- lxc/action: Show usage on missing target
- lxd/storage: Rely on UsedBy for deletion error
- lxd/instances/qemu: Use images dir during compression
- lxd/storage/drivers: Rename fs to filesystem
- api: custom_block_volumes
- shared/api: Add ContentType to storage volume structs
- lxd/migration: Add ContentType to structs
- lxd/db/cluster: Add content type to storage volumes
- lxd/db: Add content type constants
- lxd/db: Add content type to storage volumes
- lxd/storage/utils: Add content type conversion functions
- lxd: Support custom block volumes
- lxd/storage: Show type in error
- lxd/device/disk: Handle custom block volumes
- client: Support custom block volumes
- lxc/storage_volume: Support custom block volumes
- test/suites: Add tests for custom block volumes
- po: Update translations
- lxd/storage: Backward compatibility for content types
- doc/storage: Document block storage volumes
- lxd/util: Detect hugetlbfs mount point
- lxd/cluster: Always check for dqlite protocol version mismatches
- lxd/cluster: Don't run unnecessary HEAD probe upon dqlite connections
- forksyscall: use nsids for shiftfs syscall intercepts
- lxd/db: Drop ClusterRoleDatabase records from the database
- lxd/cluster: Fetch database role information directly from raft
- lxd/storage: Fix regression in truncate handling
- lxd/cluster: Only look up raft_nodes for resolving the address of node 1
- i18n: Update translations from weblate
試用環境 ¶
この新しい LXD リリースは私たちの デモサービス で利用できます。
ダウンロード ¶
このリリースの tarball は ダウンロードページ から取得できます。
ビルド済みバイナリーは次のように使えます:
- Linux: snap install lxd
- MacOS: brew install lxc
- Windows: choco install lxc
LXD 4.0.2 リリースのお知らせ¶
25th of June 2020
はじめに ¶
LXD チームは LXD 4.0.2 のリリースを発表します!
このリリースは、2025 年 6 月までサポートされる LXD 4.0 に対するふたつめのバグフィックスリリースです。
バグ修正と改良 ¶
このリリースには、開発ブランチからの数カ月分のバグフィックスと細かな改善が含まれています。
その主なものは次の通りです:
- VM での CPU NUMA レイアウトの自動マッチング
- VM で PCIe レイアウトの更新(入力デバイスと仮想GPUを含む)
- zsys ZFS レイアウトのサポートと自動検出
lxc config getに--expandedオプションを追加- image/backup時の圧縮ツールの引数のサポート
lxc listに新たにdiskとmemory(オプション)カラムを追加- VM での GPU パススルーのサポート
lxc startとlxc restartに--consoleオプションを追加
コミットの全リストは次のとおりです(翻訳なし):
- lxd-agent: Support systemd-notify
- lxd/qemu: Switch default unit type to notify
- lxd/storage/backend/lxd: Updates CreateInstanceFromImage to use reverter
- lxd/storage/drivers/errors: Adds ErrCannotBeShrunk error
- lxd/storage/drivers/utils: Updates to shrinkFileSystem ErrCannotBeShrunk error
- lxd/storage/backend/lxd: Updates CreateInstanceFromImage to detect ErrCannotBeShrunk
- lxd/storage/drivers: Returns ErrCannotBeShrunk when block volume cannot be shrunk
- lxd/device/proxy: Dont allow proxy_protocol to be set when in nat mode
- lxd/device/proxy: Dont wrap lines
- lxd/device/proxy: Improves validation
- test/suites/container/devices/proxy: Updates tests with new validation rules
- lxd: Updates snapshotProtobufToInstanceArgs to support instance type
- lxd/qemu: Match basic NUMA layout
- lxd/storage/drivers/driver/zfs/volumes: Delete volume on error in CreateVolumeFromCopy
- lxd-agent/main/agent: Adds comment about reason for systemd-notify usage
- lxd/cgroup: Fix memory controller detection
- lxd/migration/migrate/proto: Fix alignment
- lxd/migration: Adds volumeSize field to MigrationHeader
- lxd/migrate: Adds VolumeSize to MigrationSinkArgs
- lxd/migration/migration/volumes: Adds VolumeSize to VolumeTargetArgs
- lxd/migrate/instance: Use VolumeSize from offer header in Do()
- lxd/storage/backend/lxd: Use VolumeSize from migration header in CreateInstanceFromMigration
- lxd/storage/drivers: Exports BlockDevSizeBytes function
- lxd/storage/utils: Adds InstanceDiskBlockSize
- lxd/migrate/instance: Populate offerHeader.VolumeSize for VMs
- lxd/storage/backend/lxd: Adds VM volume size hint to CreateInstanceFromCopy
- lxd/device/utils: Do not add the Ceph mon port if already present in /etc/ceph config file
- lxd/instance/qemu: Add comment on cpuTopology
- lxd/storage/ceph: Support port in URL
- lxd/storage/drivers/utils: Makes minBlockBoundary available to other functions
- lxd/storage/drivers/driver/zfs/utils: Updates createVolume to use minBlockBoundary
- lxd/storage/drivers/driver/zfs/volumes: Updates SetVolumeQuota to use minBlockBoundary
- lxd/storage/drivers/zfs/volumes: Updates CreateVolume to allow regeneration of deleted image volumes
- lxd/storage/drivers/driver/zfs/volumes: Dont revert on rename success
- lxd/daemon: Remove duplicated logic
- lxd/instance/qemu: Announce LXD in SMBIOS
- share/usbid: Don't print error when missing
- lxd/init: Auto-detect and use Ubuntu ZFS setup
- lxc/config: Add --expanded to get
- client/interfaces: Add Mode to ImageCopyArgs
- shared/api/image: Add ImageExportPost
- client/lxd_images: Set fingerprint and secret headers
- i18n: Update translation templates
- client: Add relay mode for image copy
- client: Add ExportImage to ImageServer
- client: Add push mode for image copy
- client: Add GetOperationWaitSecret
- Resolve both core.https_address and cluster.https_address when comparing IPs
- lxd/storage/drivers/generic/vfs: Skip missing files during export
- lxd/images: Fixes hang in export when invalid --compression argument passed
- lxd/storage/drivers/driver/btrfs/volumes: CreateVolumeFromCopy only use expanded volume size when source is image
- lxd/storage/drivers/driver/ceph/volumes: Allow cached volume regeneration in CreateVolume
- lxd/storage/drivers/driver/ceph/utils: Uses defaultBlockSize rather than hardcoded 10GB
- lxd/storage/drivers/driver/ceph/volumes: Adds getVolumeSize function
- lxd/storage/drivers/driver/ceph/volumes: Removes unnecessary mount/unmount
- lxd/storage/drivers/driver/zfs/volumes: Clarify clone comments
- lxd/storage/drivers/driver/ceph/volumes: Dont wrap lines
- lxd/storage/drivers/driver/ceph/volumes: Dont use clone mode when creating volume from cached image when it is disabled
- lxd/storage/utils: VolumeDBCreate comment formatting
- lxd/storage/drivers/driver/lvm/volumes: CreateVolumeFromCopy only set volume size from expanded config when source is image
- lxd/storage/drivers/driver/zfs/volumes: CreateVolumeFromCopy only set volume size from expanded config when source is image
- lxc/storage/drivers/driver/ceph/utils: Reworks parseParent to return a Volume struct
- lxd/storage/drivers/driver/ceph/utils: Adds tests for parseParent
- lxd/storage/drivers/driver/ceph/utils: Adds cephVolumeTypeZombieImage constant
- lxd/storage/drivers/driver/ceph/utils: Updates rbdCreateVolume to accept string size
- lxd/storage/drivers/driver/ceph/utils: Pass volume config in rbdMarkVolumeDeleted
- lxd/storage/drivers/driver/ceph/utils: Pass volume config in rbdRenameVolume
- lxd/storage/drivers/driver/ceph/utils: Replaces getRBDSize with volumeSize
- lxd/storage/drivers/driver/ceph/utils: Dont wrap lines
- lxd/storage/drivers/driver/ceph/utils: Updates usage of d.parseParent in deleteVolume
- lxd/storage/drivers/driver/ceph/utils: Updates RBD naming logic in getRBDVolumeName
- lxd/storage/drivers/driver/ceph/volumes: Ensures CreateVolumeFromCopy correctly sizes new volume
- lxd/storage/drivers/driver/ceph/volumes: If volume doesn't exist in DeleteVolume do nothing
- lxd/storage/drivers/driver/ceph/utils: Dont wrap lines
- lxd/db: Rename CertificatesGet to GetCertificates
- lxd/db: Rename CertificateGet to GetCertificate
- lxd/db: Rename CertSave to CreateCertificate
- lxd/db: Rename CertDelete to DeleteCertificate
- lxd/db: Rename CertUpdate to UpdateCertificate
- lxd/db: Drop unused ConfigValueSet
- lxd/instances/post: Fix revert in createFromBackup
- lxd/storage/drivers/volume: Adds allowUnsafeResize bool to Volume struct
- lxd/storage/backend/lxd: Adds cannot shrink error handling in CreateInstanceFromBackup
- lxd/storage/drivers/generic/vfs: Sets block volume size to file size of volume in tarball in genericVFSBackupUnpack
- lxd/storage/drivers/driver/btrfs/volumes: No need to move GPT header if no filler used in CreateVolume
- lxd/storage/drivers/driver/btrfs/volumes: Skip GPT header move in SetVolumeQuota when allowUnsafeResize is enabled
- lxd/storage/drivers/driver/dir/volumes: Skip GPT header move in SetVolumeQuota when allowUnsafeResize is enabled
- lxd/storage/drivers/driver/lvm/volumes: Allow unsafe shrinking when allowUnsafeResize is enabled
- lxd/storage/drivers/driver/zfs/volumes: Allow unsafe shrinking when allowUnsafeResize is enabled
- lxd/storage/drivers/driver/ceph/volumes: Allow unsafe shrinking when allowUnsafeResize is enabled
- lxd/db: Rename InstanceNames to GetInstanceNames
- lxd/db: Rename ContainerNodeAddress to GetNodeAddressOfInstance
- lxd/db: Rename ContainersListByNodeAddress to GetInstanceNamesByNodeAddress
- lxd/db: Rename ContainersByNodeName to GetInstanceToNodeMap
- lxd/db: Rename ContainerNodeMove to UpdateInstanceNode
- lxd/db: Rename ContainerNodeProjectList to GetLocalInstancesInProject
- lxd/db: Rename ContainerConfigInsert to CreateInstanceConfig
- lxd/db: Rename ContainerConfigUpdate to UpdateInstanceConfig
- lxd/db: Rename InstanceRemove to RemoveInstance
- lxd/db: Rename ContainerProjectAndName to GetInstanceProjectAndName
- lxd/db: Rename ContainerConfigClear to DeleteInstanceConfig
- lxd/db: Rename ContainerConfigGet to GetInstanceConfig
- lxd/db: Rename ContainerConfigRemove to DeleteInstanceConfigKey
- lxd/db: Rename ContainerSetStateful to UpdateInstanceStatefulFlag
- lxd/db: Rename ContainerProfilesInsert to AddProfilesToInstance
- lxd/db: Drop unused ContainerProfiles
- lxd/db: Drop unused ContainerConfig
- lxd/db: Remove unused ContainersNodeList
- lxd/db: Rename ContainersResetState to ResetInstancesPowerState
- lxd/db: Rename ContainerSetState to UpdateInstancePowerState
- lxd/db: Rename ContainerUpdate to UpdateInstance
- lxd/db: Rename InstanceSnapshotCreationUpdate to UpdateInstanceSnapshotCreationDate
- lxd/db: Rename ContainerLastUsedUpdate to UpdateInstanceLastUsedDate
- lxd/db: Rename ContainerGetSnapshots to GetInstanceSnapshotsNames
- lxd/db: Rename ContainerNextSnapshot to GetNextInstanceSnapshotIndex
- lxd/db: Rename InstancePool to GetInstancePool
- lxd/db: Rename ContainerBackupID to getInstanceBackupID
- Rename ContainerGetBackup to GetInstanceBackup
- lxd/db: Rename InstanceCreateBackup to CreateInstanceBackup
- lxd/db: Rename InstanceBackupRemove to DeleteInstanceBackup
- lxd/db: ContainerBackupRename to RenameInstanceBackup
- lxd/db: Rename ContainerBackupsGetExpired to GetExpiredInstanceBackups
- lxd/storage/drivers/utils: Updates roundVolumeBlockFileSizeBytes and ensureVolumeBlockFile to take size as bytes
- lxd/storage/drivers/generic/vfs: Updates genericVFSResizeBlockFile to accept size as bytes
- lxd/storage/drivers/driver/btrfs/utils: Adds volumeSize function
- lxd/storage/drivers/driver/btrfs/volumes: Updates CreateVolume to use volumeSize()
- lxd/storage/drivers/driver/btrfs/volumes: Updates SetVolumeQuota to be byte oriented internally
- lxd/storage/drivers/driver/ceph/utils: Updates volumeSize comment for consistency
- lxd/storage/drivers/driver/ceph/volumes: Updates CreateVolumeFromCopy to use volumeSize()
- lxd/storage/drivers/driver/ceph/volumes: Updates SetVolumeQuota to be byte oriented internally
- lxd/storage/drivers/driver/dir/utils: Adds volumeSize function
- lxd/storage/drivers/driver/dir/volumes: Updates CreateVolume to use volumeSize
- lxd/storage/drivers/driver/dir/volumes: Updates SetVolumeQuota to be byte oriented internally
- lxd/storage/drivers/driver/lvm/utils: Updates copyThinpoolVolume to use volumeSize()
- lxd/storage/drivers/driver/lvm/volumes: Updates SetVolumeQuota variables and comments
- lxd/storage/drivers/driver/zfs/utils: Adds volumeSize function
- lxd/storage/drivers/driver/zfs/volumes: Updates CreateVolume to use volumeSize()
- lxd/storage/drivers/driver/zfs/volumes: Updates CreateVolumeFromCopy to use volumeSize()
- lxd/storage/drivers/driver/zfs/volumes: Updates SetVolumeQuota to be byte oriented internally
- lxd/db: Rename DevicesAdd to AddDevicesToEntity
- lxd/storage/backend/lxd: Detect cached image filesystem changes for VM images too
- lxd/db: Remove unused Devices
- lxd/db: Rename ImagesGetLocal to GetLocalImages
- lxd/db: Rename ImagesGet to GetImages
- lxd/db: Rename ImagesGetExpired to GetExpiredImages
- lxd/db: Rename ImageSourceInsert to CreateImageSource
- lxd/db: Rename ImageSourceGet to GetImageSource
- lxd/db: Rename ImageGetFromAnyProject to GetImageFromAnyProject
- lxd/db: Rename ImageLocate to LocateImage
- lxd/db: Rename ImageDelete to DeleteImage
- lxd/db: Rename ImageAliasesGet GetImageAliases
- lxd/db: Rename ImageAliasGet to GetImageAlaias
- lxd/db: Rename ImageAliasRename to RenameImageAlias
- lxd/db: Rename ImageAliasDelete to DeleteImageAlias
- lxd/db: Rename ImageAliasesMove to MoveImageAlias
- lxd/db: Rename ImageAliasAdd to CreateImageAlias
- lxd/db: Rename ImageAliasUpdate to UpdateImageAlias
- lxd/db: Rename ImageCopyDefaultProfiles to CopyDefaultImageProfiles
- lxd/db: Rename ImageLastAccessUpdate to UpdateImageLastUseDate
- lxd/db: Rename ImageLastAccessInit to InitImageLastUseDate
- lxd/db: Rename ImageUpdate to UpdateImage
- lxd/db: Rename ImageInsert to CreateImage
- lxd/db: Rename ImageGetPools to GetPoolsWithImage
- lxd/db: Rename ImageGetPoolNamesFromIDs to GetPoolNamesFromIDs
- lxd/db: Rename ImageUploadedAt to UpdateImageUploadDate
- lxd/db: Rename ImagesGetOnCurrentNode to GetImagesOnLocalNode
- lxd/db: Rename ImagesGetByNodeID to GetImagesOnNode
- lxd/db: Replace ImageGetNodesWithImage with GetNodesWithImage
- lxd/db: Rename ImageGetNodesWithoutImage to GetNodesWithoutImage
- lxc/image: Actually refresh multiple images
- lxd/resources: Use permanent MAC when available
- lxd/qemu: Restrict NUMA layout to x86_64
- Consider all nodes when looking for the leader, not only voters
- Only attempt to transfer leadership if we are not standalone
- lxd/db: Rename NetworksNodeConfig to GetNetworksLocalConfig
- lxd/db: Rename NetworkIDsNotPending to GetNonPendingNetworkIDs
- lxd/db: Rename NetworkID to GetNetworkID
- lxd/db: Rename NetworkConfigAdd to CreateNetworkConfig
- lxd/db: Rename Networks to GetNetworks
- lxd/db: Rename NetworksNotPending to GetNonPendingNetworks
- lxd/db: Rename NetworksNotPending to GetNonNetworks
- lxd/db: Rename NetworkGetInterface to GetNetworkWithInterface
- lxd/db: Rename NetworkConfig to getNetworkConfig
- lxd/db: Rename NetworkCreate to CreateNetwork
- lxd/db: Rename NetworkUpdate to UpdateNetwork
- lxd/db: Rename NetworkConfigClear to clearNetworkConfig
- lxd/db: Rename NetworkDelete to DeleteNetwork
- lxd/db: Rename NetworkRename to RenameNetwork
- lxd/db: Rename NetworkNodeConfigKeys to NodeSpecificNetworkNodeConfig
- lxd/db: Rename ImageGet to GetImage
- lxd/db: Rename ImageAssociateNode to AddImageToLocalNode
- lxd/daemon: Detect nodev and improve errors
- lxd/db: Rename NodeByAddress to GetNodeByAddress
- lxd/db: Rename NodePendingByAddress to GetPendingNodeByAddress
- lxd/db: Rename NodeByName to GetNodeByName
- lxd/db: Rename NodeName to GetLocalNodeName
- lxd/db: Rename NodeAddress to GetLocalNodeAddress
- lxd/db: Rename Nodes to GetNodes
- lxd/db: Rename NodesCount to GetNodesCount
- lxd/db: Rename NodeRename to RenameNode
- lxd/db: Rename NodeAdd to CreateNode
- lxd/db: Rename NodeAddWithArch to CreateNodeWithArch
- lxd/db: Rename NodePending to SetNodePendingFlag
- lxd/db: Rename NodeUpdate to UpdateNode
- lxd/db: Rename NodeAddRole to CreateNodeRole
- lxd/db: Rename NodeRemoveRole to RemoveNodeRole
- lxd/db: Rename NodeUpdateRoles to UpdateNodeRoles
- lxd/db: Rename NodeRemove to RemoveNode
- lxd/db: Rename NodeHeartbeat to SetNodeHeartbeat
- lxd/db: Rename NodeOfflineThreshold to GetNodeOfflineThreshold
- lxd/db: Rename NodeClear to ClearNode
- lxd/db: Rename NodeWithLeastContainers to GetNodeWithLeastInstances
- lxd/db: Rename NodeUpdateVersion to SetNodeVersion
- lxd/db: Rename Operations to GetLocalOperations
- lxd/db: Rename OperationsUUIDs to GetLocalOperationsUUIDs
- lxd/db: Rename OperationNodes to GetNodesWithRunningOperations
- lxd/db: Rename OperationByUUID to GetOperationByUUID
- lxd/db: Rename OperationAdd to CreateOperation
- lxd/db: Rename OperationRemove to RemoveOperation
- lxd/db: Rename OperationFlush to removeNodeOperations
- lxd/db: Rename Patches to GetAppliedPatches
- lxd/db: Rename PatchesMarkApplied to MarkPatchAsApplied
- lxd/db: Rename Profiles to GetProfileNames
- lxd/db: Rename ProfileGet to GetProfile
- lxd/db: Rename ProfilesGet to GetProfiles
- lxd/db: Drop ProfileConfig
- lxd/db: Rename ProfileDescriptionUpdate to UpdateProfileDescription
- lxd/db: Rename ProfileConfigClear to ClearProfileConfig
- lxd/db: Rename ProfileConfigAdd to CreateProfileConfig
- lxd/db: Rename ProfileContainersGet to GetInstancesWithProfile
- lxd/db: Rename ProfileCleanupLeftover to RemoveUnreferencedProfiles
- lxd/db: Rename ProfilesExpandConfig to ExpandInstanceConfig
- lxd/db: Rename ProfilesExpandDevices to ExpandInstanceDevices
- lxd/storage/drivers/generic/vfs: Dont require access to block device when excluding root image file from rsync in genericVFSMigrateVolume
- lxd/storage/drivers/driver/zfs/volumes: Updates MigrateVolume to avoid need to premount snapshot volume
- test/suites/storage/volume/attach: Adds test for custom volume root perm persistence
- lxd/storage/drivers: Fixes custom volume root mount perm issue for BTRFS and DIR
- lxc/storage/drivers/volume: Removes keepDevice from Volume
- lxd/storage/drivers/driver/ceph/volumes: Removes keepDevice usage
- lxc/storage/drivers/driver/ceph/volumes: Mount changes
- lxd/storage/drivers/driver/ceph/volumes: UnmountVolume modifications
- lxd/storage/drivers/driver/ceph/volumes: Esnure permission on volume root set in CreateVolume
- lxd/resources: Skip NVME multipath entries
- lxd/db: Rename ProjectNames to GetProjectNames
- lxd/db: Rename ProjectMap to GetProjectIDsToNames
- lxd/db: Rename ProjectUpdate to UpdateProject
- lxd/db: Rename ProjectLaunchWithoutImages to InitProjectWithoutImages
- lxd/db: Rename RaftNodes to GetRaftNodes
- lxd/db: Rename RaftNodeAddresses to GetRaftNodeAddresses
- lxd/db: Rename RaftNodeAddress to GetRaftNodeAddress
- lxd/db: Rename RaftNodeFirst to CreateFirstRaftNode
- lxd/db: Rename RaftNodeAdd to CreateRaftNode
- lxd/db: Rename RaftNodeDelete to RemoveRaftNode
- lxd/db: Rename RaftNodesReplace to ReplaceRaftNodes
- lxd/db: Rename InstanceSnapshotConfigUpdate to UpdateInstanceSnapshotConfig
- lxd/db: Rename InstanceSnapshotID to GetInstanceSnapshotID
- lxd/db: Rename StoragePoolsNodeConfig to GetStoragePoolsLocalConfig
- lxd/db: Rename StoragePoolID to GetStoragePoolID
- lxd/db: Rename StoragePoolDriver to GetStoragePoolDriver
- lxd/db: Rename StoragePoolIDsNotPending to GetNonPendingStoragePoolsNamesToIDs
- lxd/db: Rename StoragePoolNodeJoin to UpdateStoragePoolAfterNodeJoin
- lxd/db: Rename StoragePoolConfigAdd to CreateStoragePoolConfig
- lxd/db: Rename StoragePoolNodeConfigs to GetStoragePoolNodeConfigs
- lxd/db: Rename StoragePools to GetStoragePoolNames
- lxd/db: Rename StoragePoolsNotPending to GetNonPendingStoragePoolNames
- lxd/db: Rename StoragePoolsGetDrivers to GetStoragePoolDrivers
- lxd/db: Rename StoragePoolGetID to GetStoragePoolID
- lxd/db: Rename StoragePoolGet to GetStoragePool
- lxd/db: Rename StoragePoolConfigGet to getStoragePoolConfig
- lxd/db: Rename StoragePoolCreate to CreateStoragePool
- lxd/db: Rename StoragePoolUpdate to UpdateStoragePool
- lxd/db: Rename StoragePoolConfigClear to clearStoragePoolConfig
- lxd/db: Rename StoragePoolDelete to RemoveStoragePool
- lxd/db: Rename StoragePoolVolumesGetNames to GetStoragePoolVolumesNames
- lxd/db: Rename StoragePoolVolumesGetAllByType to GetStoragePoolVolumesWithType
- lxd/db: Rename StoragePoolVolumesGet to GetStoragePoolVolumes
- lxd/db: Rename StoragePoolNodeVolumesGet to GetLocalStoragePoolVolumes
- lxd/db: Rename StoragePoolVolumeSnapshotsGetType to GetLocalStoragePoolVolumeSnapshotsWithType
- lxd/db: Rename StoragePoolNodeVolumesGetType to GetLocalStoragePoolVolumesWithType
- lxd/db: Rename StoragePoolNodeVolumeGetTypeByProject to GetLocalStoragePoolVolume
- lxd/db: Rename StoragePoolVolumeUpdateByProject to UpdateStoragePoolVolume
- lxd/db: Rename StoragePoolVolumeDelete to RemoveStoragePoolVolume
- lxd/db: Rename StoragePoolVolumeRename to RenameStoragePoolVolume
- lxd/db: Rename StoragePoolVolumeCreate to CreateStoragePoolVolume
- lxd/db: Rename StoragePoolNodeVolumeGetTypeIDByProject to GetStoragePoolNodeVolumeID
- lxd/db: Rename StoragePoolInsertZfsDriver to FillMissingStoragePoolDriver
- lxd/storage/zfs: Use TryUnmount
- ethtool: add ethtoolGset() helper
- Support two-phase creation of a storage pool on single-node cluster
- lxd/storage/drivers/driver/btrfs/utils: Adds setSubvolumeReadonlyProperty function
- lxd/storage/drivers/driver/btrfs/volumes: Removes readonly argument from snapshotSubvolume
- lxd/storage/drivers/driver/btrfs: d.setSubvolumeReadonlyProperty and d.snapshotSubvolume usage
- lxd/db: Rename StoragePoolVolumeGetType to GetStoragePoolVolume
- lxd/db: Rename StoragePoolVolumeSnapshotCreate to CreateStorageVolumeSnapshot
- lxd/db: Rename StoragePoolVolumeSnapshotUpdateByProject to UpdateStoragePoolVolumeSnapshot
- lxd/db: Rename StorageVolumeSnapshotExpiryGet to GetStorageVolumeSnapshotExpiry
- lxd/db: Rename StorageVolumeSnapshotsGetExpired to GetExpiredStorageVolumeSnapshots
- resources/ethtool: implement ETHTOOL_GLINKSETTINGS
- lxd/storage/drivers/driver/btrfs/utils: Adds getSubvolumesMetaData function
- lxd/storage/drivers/driver/btrfs/volumes: Maintain subvolume readonly state in snapshot
- lxd/storage/driversr/driver/btrfs/utils: Allow ro subvolumes to be deleted in deleteSubvolume
- lxd/storage/drivers/driver/btrfs/volumes: Updates MigrateVolume to send subvolumes
- lxd/storage/drivers/driver/btrfs/volumes: Fail backup when cleanup fails in BackupVolume
- lxd/storage/drivers/driver/btrfs/volumes: Better naming of variables in unpackVolume
- lxd/migration/migrate/proto: Adds BTRFS Features to offer header
- lxd/migration/utils: Adds GetBtrfsFeaturesSlice function
- lxd/migration/migration/volumes: Adds BTRFS feature support to TypesToHeader
- lxd/migration/migration/volumes: Adds BTRFS feature support to MatchTypes
- lxd/storage/drivers/driver/btrfs: Adds BTRFS features to MigrationTypes
- lxd/storage/memorypipe: Dont make ioutil.ReadAll panic on cancel
- lxd/storage/drivers/driver/btrfs/utils: Kill btrfs send on error in sendSubvolume
- lxd/storage/drivers/driver/btrfs/utils: Support subvolumes in receiveSubvolume
- lxd/storage/drivers/driver/btrfs/utils: Adds metadataHeader function
- lxd/storage/drivers/driver/btrfs/volumes: Updates CreateVolumeFromMigration to receive subvolumes
- lxd/db: Rename StorageVolumeNodeAddresses to GetStorageVolumeNodeAddresses
- lxd/db: Rename StorageVolumeDescriptionGet to GetStorageVolumeDescription
- lxd/db: Rename StorageVolumeNextSnapshot to GetNextStorageVolumeSnapshotIndex
- lxd/db: Rename StorageVolumeCleanupImages to RemoveStorageVolumeImages
- lxd/db: Rename StorageVolumeMoveToLVMThinPoolNameKey to UpgradeStorageVolumConfigToLVMThinPoolNameKey
- lxd/db: Update naming pattern for generated database code
- client/lxd_images: Fix backward compatibility
- lxd/storage/btrfs: Fix migration from snapshot
- shared/generate/db: Fix generation of Exists method
- lxd/db: Make generated code stable across "make update-schema" runs
- lxd/db: Leverage code-generation for certificates
- shared: Rewrite OpenPty without cgo
- openpty: use O_CLOEXEC directly
- openpty: use fchown()
- openpty: first unlock the master, then get a slave fd
- openpty: use TIOCGPTPEER if available
- lxd/storage/drivers/driver/lvm/utils: Adds lvmSnapshotSeparator constant and updates lvmFullVolumeName to use it
- lxd/storage/drivers/driver/lvm/utils: Adds lvmEscapedHyphen and updates lvmFullVolumeName usage
- lxd/storage/drivers/driver/lvm/utils: Adds parseLogicalVolumeSnapshot function
- lxd/storage/drivers/driver/lvm/utils: Adds tests for parseLogicalVolumeSnapshot
- lxd/storage/drivers/driver/lvm/volumes: Updates VolumeSnapshots to use parseLogicalVolumeSnapshot
- test: Adds tests for snapshot naming conflicts
- lxd/firewall/drivers: Fix nft syntax
- lxc/project: Fix remote handling
- tests: Fix bad project switch call
- lxd/seccomp: Fix profile conflict between projects
- lxd/storage/drivers/driver/lvm/utils: Adds activateVolume and deactivateVolume functions
- lxd/storage/drivers/driver/lvm/utils: Set --setactivationskip on in createLogicalVolume
- lxd/storage/drivers/driver/lvm/utils: Set --setactivationskip on in createLogicalVolumeSnapshot
- lxd/storage/drivers/driver/lvm/utils: Activate volume in copyThinpoolVolume when regeneration FS UUID
- lxd/storage/drivers/driver/lvm: Dont activate all volumes on pool mount
- lxd/storage/drivers/driver/lvm/volumes: Activate volume before generic copy in CreateVolumeFromCopy
- lxd/storage/drivers/driver/lvm/volumes: Activate volume in SetVolumeQuota
- lxd/storage/drivers/driver/lvm/volumes: Activate volume in MountVolume
- lxd/storage/drivers/driver/lvm/volumes: Deactivate volume in UnmountVolume
- lxd/storage/drivers/driver/lvm/volumes: Acticate volume before generic migrate in MigrateVolume
- lxd/storage/drivers/driver/lvm/volumes: Activate volume in MountVolumeSnapshot
- lxd/storage/drivers/driver/lvm/volumes: Deactivate volume in UnmountVolumeSnapshot
- lxd/storage/drivers/driver/lvm/volumes: Activate volume before FS UUID regen in RestoreVolume
- openpty: fix TIOCGPTPEER usage
- Make network address bind error fatal when clustered
- lxd/storage/drivers/driver/btrfs/utils: Renames metadatHeader to restorationHeader
- lxd/storage/drivers/driver/btrfs/volumes: d.restorationHeader usage
- lxd/storage/drivers/driver/btrfs/volumes: Clarifies comments in MigrateVolume
- lxd/storage/drivers/driver/btrfs/volumes: Adds safety net against failed matching of subvolumes
- lxd/storage/drivers/driver/btrfs/utils: Fix deleteSubvolume to support recursive delete with intermediate ro subvols
- lxd/storage/drivers/utils: Mark BTRFSSubVolumeMakeRo and BTRFSSubVolumeMakeRw deprecated
- lxd/storage/drivers/driver/btrfs/volumes: Updates RestoreVolume to restore subvolume ro property
- test: Adds BTRFS subvolume tests
- lxd/storage/memorypipe: Fixes issue with partial reads losing data
- lxd/storage/drivers/driver/btrfs/volumes: Restores subvolumes ro property in CreateVolumeFromCopy
- lxd/storage/drivers/driver/btrfs/utils: Adds marshal tags to BTRFSSubVolume and BTRFSMetaDataHeader
- lxd/device/nic/bridged: Updates github.com/mdlayher/netx/eui64
- fix IPVLAN docs
- lxd/cluster: Don't run a connection proxy when connecting with the Go dqlite client
- lxd/cluster: Extract dqlite network proxy logic to standalone function and support cancellation
- lxd/cluster: Use dqliteProxy in raftDial
- lxd/cluster: Use ReadClose() to gracefully stop the dqlite proxy
- lxd/device/device/utils/generic: Removes deviceNameEncode and deviceNameDecode
- lxd/storage/drivers/utils: Adds PathNameEncode and PathNameDecode
- lxd/device/device: PathNameEncode and PathNameDecode usage
- lxd/storage/drivers/driver/types: Adds OptimizedBackupHeader field to Info
- lxd/backup/backup: Adds OptimizedHeader field to Info struct
- lxd/backup: Updates backupWriteIndex to populate the OptimizedHeader field
- lxd/storage/drivers/driver/btrfs: Sets OptimizedBackupHeader to true in Info struct response
- lxd/storage/drivers/driver/btrfs/utils: Adds warning to BTRFSSubVolume and BTRFSMetaDataHeader about shared usage
- lxd/storage/drivers/driver/btrfs/volumes: Updates BackupVolume to add subvolumes to optimized backup file
- lxd/storage/drivers/interface: Update CreateVolumeFromBackup to pass srcBackup backup.Info
- lxd/storage/backend/lxd: Pass srcBackup in CreateInstanceFromBackup
- lxd/storage/drivers: CreateVolumeFromBackup srcBackup backup.Info usage
- lxd/backup/backup: Updates GetInfo to set optimizedHeaderFalse false if not present in yaml file
- lxd/storage/drivers/driver/btrfs/utils: Adds loadOptimizedBackupHeader
- lxd/storage/drivers/driver/btrfs/volumes: Updates CreateVolumeFromBackup to restore subvolumes using optimized header file
- lxd/storage/drivers/driver/btrfs/volumes: Simplifies parent volume logic in BackupVolume
- lxd/storage/drivers/driver/btrfs/volumes: Simplifies parent volume logic for MigrateVolume
- test: Adds BTRFS backup subvolume tests
- lxd/storage/drivers/driver/btrfs/utils: Removes receiveSubvolume
- lxd/storage/drivers/driver/btrfs/utils: Adds receiveSubVolume function
- lxd/storage/drivers/driver/btrfs/volumes: Updates CreateVolumeFromMigration to use receiveSubVolume
- lxd/resources/memory: Fix memory calculation
- lxd: Improve logging of shutdown errors
- lxd/instances/post: Delete restored instance on backup post hook failure
- Fix 'how to mount home directory' shiftfs FAQ
- shared: build fs_{32,64}bit.go on mips*
- lxd/util: build fs_{32,64}bit.go on mips*
- lxd/rsync: Adds optional rsync arguments to LocalCopy
- lxd/storage/utils: Fixes ImageUnpack to not erase generated rootfs block file when doing rsync
- ethtool: don't report -1 for speed in ethtoolLink()
- lxd/storage/quota/projectquota: Fixes leaking file handles in quota_set_path and quota_get_path
- lxd/storage/quota/projectquota: Adds inherit argument to quota_set_path
- lxd/storage/quota/projectquota: Updates SetProject to recursively set project and support non-directory files
- lxd/storage/drivers/driver/dir/utils: Updates deleteQuota to use DeleteProject
- lxd/storage/drivers/driver/dir/volumes: Adds quota revert in CreateVolumeFromBackup post hook
- Always skip offline servers when rebalancing
- When demoting a voter to spare, transition to stand-by first
- test/clustering: Make sure that a killed voter can't dsirupt current leader
- lxd/cluster: Use a dedicated channel to stop the dqlite proxy
- lxd: Call Daemon.Kill() also when receiving signals (so db transactions won't be retried)
- lxd/db: Add Cluster.Kill() method to prevent retrying upon shutdown
- lxd/firewall/drivers/driver/nftables/templates: Fixes proxy nat rule dynamic family
- shared/util_linux.go: cast Rdev uint64 for mips
- lxd/storage/quota/projectquota.go: cast Rdev uint64 for mips
- lxd/device/device_utils_unix.go: cast Rdev uint64 for mips
- lxd/device/gpu.go: cast Rdev uint64 for mips
- shared: Reimplement GetPollRevents without cgo
- lxd-agent: Build statically
- Drop gccgo
- lxd-p2c: Drop cgo
- shared/ucred: Cleanup package
- lxd/api: Don't strip double slashes
- lxd/operations: Improve error message when database insertion fails
- lxd/db: Change UpdateCertificate to RenameCertificate (only renaming supported)
- lxd/db: Rename containers.go to instances.go
- shared/generate/db: Statement for deleting references (config and devices)
- lxd/db: Generate delete stements for profile config and devices
- shared/generate/db: update statement: take ID instead of natural key
- shared/generate/db: Handle config and devices in Update method
- lxd/db: Generate Update method for profiles
- lxd: Plug new UpdateProfile() db method into doProfileUpdate
- lxd: Plug new UpdateProfile() db method into updatePoolPropertyForAllObjects
- lxd/db: Generate delete statements for instance config, devices and profiles
- lxd/db: Generate UpdateInstance method
- lxd/instance: Plug the new UpdateInstance method and replace legacy logic
- lxd/db: Drop AddDevicesToEntity
- lxd/storage/drivers/driver/common: Logging quoting consistency
- lxd/storage/drivers: Adds storage_lvm_skipactivation patch
- test: Drive-by fix for flaky clustering rebalance test
- Recommend to increase the value of aio-max-nr for production use
- lxd/firewall/firewall/interface: Change definition of Compat() to return compat issue error
- lxd/firewall/drivers/driver/nftables: Updates Compat() to return compat issues as error
- lxd/firewall/drivers/drivers/xtables: Updates Compat() to return compat issues as error
- shared/simplestreams: Support uefi1.img
- lxd/firewall/firewall/load: Updates driver detection to warn when falling back to non-compatible xtables
- lxd/storage/pools: Improves delete pool error info
- instance_exec: don't panic
- lxd/qemu: Handle quoted raw.qemu
- lxd/main_forkproxy: Reduce logging
- lxd/networks: Warn on small IPv6 subnets
- lxd/network: Force DHCP custom gateway
- lxc/list: Add disk and memory columns
- i18n: Update translation template
- lxd/storage/drivers: Make sure tar reader context is cancelled before defer
- lxc/list: Fix test
- shared/archive: Wraps cancelFunc to wait until unpacker process has finished in CompressedTarReader
- lxd/cluster: Transfer leadership before adjusting roles, not after
- lxd/cluster: Add time skew detection
- test: Wait a few more seconds for the rebalance to happen
- lxd/daemon.go: Don't try to rebalance after shutdown sequence has started
- lxd/cluster: Don't try to rebalance a standalone node
- lxc/ucred: Simplify logic
- lxd/qemu: Cleanup arch checks
- lxd/qemu: Add s390x support
- lxd/api: Fail /internal/ready requests made after shutdown has started
- lxc/config: Add -e shorthand
- forkfile: port to using pidfds
- forkmount: port to using pidfds
- forkproxy: port to using pidfds
- syscall_numbers: update
- forknet: port to pidfds
- forkuevent: port to pidfds
- forksyscall: port to pidfds
- daemon: record "pidfd" extension
- lxd/storage/lvm: Correct bad VG name in patch
- shared/subprocess: Better handle slow systems
- tests: Don't assume bridge MTU can be forced up
- fork*: add "--" to not misinterpret negative integers as flags
- lxd/storage/utils: Removes unused name arg from VolumeFillDefault
- lxd/instance/drivers: storagePools.VolumeFillDefault usage
- lxd/patches: driver.VolumeFillDefault usage
- lxd/storage/utils: VolumeFillDefault usage
- lxd/storage/utils: Updates VolumeValidateConfig to require volume type
- lxd/storage/utils: Adds VolumeDBTypeToType function
- lxd/storage/utils: Updates VolumeDBCreate to pass volume type
- lxd/storage/drivers/utils: Updates ensureVolumeBlockFile to reject unsafe volume shrinking
- lxd/storage/drivers/geneirc/vfs: Removes genericVFSResizeBlockFile
- lxd/storage/drivers: ensureVolumeBlockFile usage
- lxd/storage/drivers/volume: Adds SetQuota function
- lxd/storage/drivers/volume: Adds config functions
- lxd/storage/drivers/driver/lvm/utils: Removes functions moved into Volume struct
- lxd/storage/drivers/driver/lvm/utils: Usage of volume config functions
- lxd/storage/drivers/driver/lvm/volumes: Volume config function usage
- lxd/storage/drivers: Replace volumeSize() with vol.ConfigSize()
- forknet: add missing "--" to forknet invocation on detach
- process_utils: remove a bunch of unused functions
- lxd: Make use of ExitCode
- share/subprocess: Reduce sleep back to 5
- lxd/instances/lxc: Fix calls to forknet
- forkmount: prevent interpreting negative numbers as flags
- shared/subprocess: Ensure monitor routine exits
- shared/subprocess: Properly reset state
- tests: Fix btrfs test on non-shiftfs
- tests: Old kernels don't let you rmdir btrfs
- lxd/db: Use query.SelectString helper in GetLocalImages()
- lxd/db: Use query.SelectString helper in GetImagesFingerprints()
- shared/generate/db: Support int64 fields
- lxd/db: Initial code generation for images (without references)
- lxd/db: Use the generated GetImages code to implement GetExpiredImages
- lxd/db: Use query.SelectObjects helper in GetImageSource
- lxd/db: Use query.SelectStrings helper in ImageSourceGetCachedFingerprint
- lxd/db: Use query.Count helper in ImageExists
- lxd/db: Use query.Count helper in ImageIsReferencedByOtherProjects
- lxd/db: Use query.UpsertObject helper in CreateImageSource
- lxd/cluster: Drive-by fix for flaky rebalance test
- lxd/db: Usage query.DeleteObject to implement DeleteImage
- lxd/db: Use query.SelectStrings to implement GetImageAliases
- lxd/db: Use a single transaction in GetImageAlias
- lxd/db: Use a single transaction in DeleteImageAlias
- lxd/db: Use single transaction in CreateImageAlias
- lxd/db: Usage single transaction in CreateImage
- lxd/db: Use query.SelectIntegers helper in GetPoolsWithImage
- lxd/db: Use a single transaction in GetPoolNamesFromIDs
- lxd/db: Use explicit transaction in GetInstanceProjectAndName
- lxd/db: Drop unused DeleteInstanceConfig
- shared/subprocess: Fix Stop handling
- lxd/storage/utils: Updates ImageUnpack to detect too small volume for qcow2 image and increase size before unpack
- lxd/storage/utils: Adds checks to ImageUnpack before enlarging volume
- lxd/storage/drivers/driver/types: Updates VolumeFiller Fill function to take a Volume
- lxd/storage: Updates volume filler usage to supply Volume rather than mount path
- lxd/storage/drivers/volume: Adds ConfigSizeFromSource function
- lxd/storage/drivers/driver/lvm/utils: Updates copyThinpoolVolume to only use vol.config["size"] for resizing
- lxd/storage/drivers/driver/lvm/utils: Updates Volume type in createLogicalVolumeSnapshot definition
- lxd/storage/drivers/driver/common: Adds runFiller function
- lxd/storage/backend/lxd: Updates imageFiller to return volume size
- lxd/storage/backend/lxd: Updates CreateInstanceFromImage to load image vol DB record
- lxd/storage/backend/lxd: Updates EnsureImage to record volatile.rootfs.size for block images
- lxd/storage/drivers/driver/types: Updates VolumeFiller definition to store size
- lxd/storage/utils: Validates volatile.rootfs.size key for image volumes in validateVolumeCommonRules
- lxd/storage/utils: Updates ImageUnpack to return image virtual size
- lxd/storage/drivers/driver/btrfs/volumes: d.runFiller usage
- lxd/storage/drivers/driver/ceph/volumes: d.runFiller usage
- lxd/storage/drivers/driver/cephfs/volumes: d.runFiller usage
- lxd/storage/drivers/driver/dir/volumes: d.runFiller usage
- lxd/storage/drivers/driver/lvm/volumes: d.runFiller usage
- lxd/storage/drivers/driver/zfs/volumes: d.runFiller usage
- lxd/storage/drivers/volume: Adds SetConfigSize function
- lxd/storage/backend/lxd: Updates CreateInstanceFromImage to use vol.ConfigSizeFromSource to dervice volume size
- lxd/storage/drivers: Updates CreateVolumeFromCopy to only use vol.config["size"] for resizing
- lxd: Reduce number of transactions in containerPostClusteringMigrate
- lxd/db: Use query.SelectStrings helper in LegacyContainersList
- lxd/db: Rename dbDeviceTypeToString to deviceTypeToString
- lxd/storage/drivers/utils: ensureVolumeBlockFile comment clarification
- lxd/storage/drivers/utils: Renames BlockDevSizeBytes to BlockDiskSizeBytes
- lxd/storage/utils: drivers.BlockDiskSizeBytes usage
- lxd/storage/utils: Simplifies InstanceDiskBlockSize with drivers.BlockDiskSizeBytes usage
- lxd/storage/drivers/generic/vfs: Simplifies genericVFSBackupVolume with drivers.BlockDiskSizeBytes usage
- lxd/storage/backend/lxd: Whitespace in CreateInstanceFromBackup
- lxd/storage/drivers/driver/ceph/volumes: BlockDiskSizeBytes usage in SetQuota
- lxd/storage/drivers: Updates dir and btrfs to support filler volume enlargement
- lxd/db: Group ClusterTx instance methods together
- lxd/db: Rename AddProfilesToInstance to addProfilesToInstance
- lxd/db: Move instance backup methods to backups.go
- lxd/db: Rename InstanceBackupArgs to InstanceBackup
- lxd/db: Remove unused profile functions
- lxd/db: Move storage volumes methods to storage_volumes.go
- lxd/storage/drivers/volume/test: Adds tests for Volume.ConfigSizeFromSource()
- forkuevent: fix slice allocation
- unix-hotplug: fix uevent injection
- lxd/db: Use auto-generated GetImages() to implement GetImage()
- lxd/db: Use auto-generated GetImages to implement GetImageFromAnyProject
- lxd/db: Group ClusterTx image methods together
- lxd/db: Rename ImageSourceGetCachedFingerprint to GetCachedImageSourceFingerprint
- lxd/images: Set CreatedAt on publish
- lxd: New command line option to trace SQL statements
- lxd/firewall/drivers/drivers/xtables: Updates iptablesInUse to kill process once first rule found
- lxd/backup: Fixes hang in backupCreate when invalid compression argument supplied
- lxd/storage/utils: Removes duplicated qemu-img call in ImageUnpack
- lxd/storage/utils: Switch to qemu-img dd mode in ImageUnpack
- lxd/storage/drivers/utils: Exports MinBlockBoundary
- lxd/storage/drivers: MinBlockBoundary usage
- lxd/resources: Handle missing cache size/type
- Update documentation with backup compression
- lxd/rbac: New notification API
- lxd/firewall/nft: Enhance support detection
- Fix regression in GetImageFromAnyProject
- doc/security: Adds notes about IPv6 router advertisement security
- lxd/device/nic: Changes nicValidationRules to properly validation vlan
- lxd/device/nic/bridged: Adds revert for veth pair cleanup on error
- lxd/firewall/drivers/drivers/xtables: Drops tagged vlan frames when using IP filtering
- lxd/firewall/drivers/drivers/nftables: Drops tagged vlan frames when using IP filtering
- lxd/network/network/utils: Improve comments on ovs switch attach/detach
- lxd/network/network/utils: Improves arg name in network attach/detach functions
- lxd/device/bic/bridged: Fixes openvswitch port leak when device is stopped
- lxd/network/utils: Adds IsNativeBridge function
- lxd/maas: Fix support for multiple subnets
- lxd/maas: Support projects
- lxd/dnsmasq: Add project suffix
- Remove incorrect statement about supported network devices with virtual machines According documentation supported types with virtual machines are physical, bridged, macvlan, p2p, sriov
- lxd/rbac: Fix auth for non-RBAC trusted clients
- global: Add riscv64 to build tags
- Stop using Driver.SetContextTimeout() which is a no-op
- use the coreos fork of boltdb since the original is archived/abandoned
- lxd/device/device/utils/network: Adds networkValidVLAN and networkValidVLANList functions
- lxd/device/device/utils/network: Allow VLAN ID 0 in networkValidVLAN
- lxd/instance/drivers/driver/lxc: Adds debug logging to deviceStop
- lxd/instance/drivers/driver/lxc: Adds driver revert on failed start in startCommon
- lxd/instance/drivers/driver/qemu: Adds debug logging to deviceStop
- lxd/instance/drivers/driver/qemu: Simplifies failed start device cleanup in Start
- lxd/storage/drivers/driver/ceph/utils: Removes getRBDFilesystem
- lxd/storage/drivers/driver/ceph: Replaces use of d.getRBDFilesystem with vol.ConfigBlockFilesystem
- lxd/storage/drivers/volume: Adds ConfigBlockMountOptions function
- lxd/storage/drivers/driver/ceph/utils: Removes getRBDMountOptions in place of vol.ConfigBlockMountOptions()
- lxd/storage/drivers/driver/lvm/utils: Removes volumeMountOptions in place of vol.ConfigBlockMountOptions()
- lxd/storage/drivers: Replaces driver specific mount options resolution with vol.ConfigBlockMountOptions()
- shared/api: Extend NetworkState for bridge/bond
- lxd/rbac: Don't close body when missing
- doc/storage: Cover host/disk/loop setups
- lxd/init: Tweak default loop sizing
- lxd/vm: Rename some functions
- client: Expand snap path in ConnectLXDUnix
- client: Fix ConnectLXDUnix regression
- lxd/vm: Fix PCIe slot for physical/sriov nic
- lxd/vm: Add virtio-vga card
- lxd/vm: Add spice channel
- lxd/instance/drivers/driver/qemu: Integrates built in GPU device PCI range with future passthrough GPU devices
- lxd/instance/drivers/driver/qemu/templates: Updates built in GPU device to use GPU address range prefix
- lxd/vm: Move to separate devices
- lxd/vm: Remove tiny wrapper functions
- lxd/vm: Per-architecture bus type
- add type to specify the instance type on creation Signed-off-by: Salem Yaslem s@sy.sa
- lxd/vm: Centralize port generation
- lxd/device: Sort nic devices ahead of others
- lxd/device/device/utils/generic: Adds PCI management functions for overriding driver
- lxd/device/device/utils/network: Removes network specific PCI bind/unbind functions
- lxd/device/nic/physical: Updates to use generic PCI management functions
- lxd/device/nic/sriov: Updates to use generic PCI management functions
- lxd/vm: Separate template keys in global/local
- lxd/vm: Use virtio-gpu-pci on non-x86
- lxd/vm: Rename qemuVGA to qemuGPU
- lxd/vm: Add virtio-input keyboard/mouse
- lxd/vm: Move bus allocator to own file
- lxc/volume: Fix typo in help message
- lxc/snapshot: Allow using snapshot delimiter
- doc/instances: Updates GPU device docs to show VM support
- lxd/device/gpu: Updates validation for VM support
- lxd/device/config/device/runconfig: Adds GPU field to RunConfig
- lxd/device/device/utils/generic: pciDeviceDriverOverride only check for driver binding if specified
- lxd/device/gpu: Adds VM GPU passthrough support
- lxd/instance/drivers/driver/qemu/templates: Consistent naming and casing for net dev templates
- lxd/instance/drivers/driver/qemu: Consistent net dev naming usage
- lxd/instance/drivers/driver/qemu/templates: Adds qemuGPUDevPhysical template
- lxd/instance/drivers/driver/qemu: Adds GPU passthrough support
- lxd/instance/drivers/driver/qemu/bus: Adds comments, clarifies var names, and constants for defined multi-function groups
- lxd/instance/drivers/driver/qemu: Switches to multi-function group constants and adds comments
- lxd/instance/drivers/qmp/monitor: Allow serial char device name to be passed in
- lxd/instance/drivers/driver/qemu: Defines qemuSerialChardevName to share with qemu and qmp
- lxd/instance/drivers/driver/qemu: qemuSerialChardevName usage
- lxd/instance/drivers/driver/qemu/templates: Add serial chardev name injection
- lxd/storage/quota/projectquota: Only set quota on directories and regular files
- lxd/db: Automatically strip ?project=default
- lxc/action: Properly handle --all with remotes
- lxd/projects: Properly clear empty keys
- lxd/db: Add missing feature to default project
- lxd/instance/drivers/driver/qemu: Pass-through GPU VGA mode status from host
- i18n: Update translation templates
- lxd/storage/drivers/driver/zfs/volumes: Remove snapshot when migrating as main volume
- lxd/cluster/heartbeat: Fix race in HeartbeatNode
- lxc/console: Split Console to own function
- lxc/start: Allow direct console attach
- i18n: Update translation templates
- lxd/instance/drivers/driver/qemu: Only enable GPU vga mode on x86_64 systems
- lxd/resources: Fix golint warning
- doc/api-extensions: Fix escaping
- api: resource_cpu_isolated
- lxd/resources: Add Isolated property
- lxd/resources: Don't use shared
- lxd/devices: Use resources for cpuset parsing
- lxc: Don't over-escape URLs
- lxd: Don't over-escape URLs
- lxd/db/storage: Rework UsedBy for pools
- lxd/instance/drivers/driver/qemu: Adds trans=virtio to 9p mounts
- lxc/action: Also add --console to restart
- lxd/resources/net: More flexible PCI detection
- lxc/query: Add path check
- i18n: Update translation templates
- tests: Fix bad lxc query call
- lxd/storage-pools: Tweak UsedBy URLs
- lxd/db: Tweak joins
- lxd/db: Fix UsedBy on projects
- lxd/storage_volumes: Fix UsedBy
- api: usedby_consistency
- lxd-agent/main/agent: Fix 9p mount when relative target path is supplied
- test: Updates udhcpd args to ensure process quits one lease acquired
- util_linux: update terminology
- lxd/networks: Reports profiles in UsedBy
- lxd: Fix snapshot index retrieval
- lxd/backups: Use backups dir for unpack
- lxd/vm: Add udev rule fallback
- lxd/images: Set arch names when downloading
- lxd: More flexible compression algorithms
- tests: Add test for compression options
- doc/rest-api: Rename rootfs to root
- doc/rest-api: Fix instance PATCH example
- lxd: Fix building with clang
- lxd/db: Add missing criteria for querying a specific public image
- lxd/db: Add the Errored storage state when rendering the Status field
- lxd/cluster: If raft node 1 gets remove during recovery, add it back
- lxd/db: Make GetNework() return an error if the network is pending
- lxd/db: Rename NetworkCreatePending to CreatePendingNetwork
- lxd/db: Make GetStoragePool() return an error if the pool is pending
- lxd/db: Rename StoragePoolCreatePending to CreatePendingStoragePool
- lxd/firewall: Filter unwanted ethernet frame types when IP filtering is enabled
- lxd/storage/drivers: Bump VM fs size to 100MB
- lxd/db: Fix UsedBy for profiles on storage pools
- lxd/storage: Use Truncate to create/grow VM files
- lxd/db: Consider personalities in GetNodeWithLeastInstances
- lxd/db: Avoid test failure in arch matching
試用環境 ¶
この新しい LXD リリースは私たちの デモサービス で利用できます。
ダウンロード ¶
このリリースの tarball は ダウンロードページ から取得できます。
ビルド済みバイナリーは次のように使えます:
- Linux: snap install lxd
- MacOS: brew install lxc
- Windows: choco install lxc
LXD 4.2 リリースのお知らせ¶
5th of June 2020
はじめに ¶
LXD チームは、LXD 4.2 のリリースをお知らせすることにとてもワクワクしています!
このリリースでは、完全に新しい機能の導入と、多数のバックグラウンドの安定性の向上と速度の改良を行っています。
このリリースでのネットワークの改良は、プロジェクトごとの仮想ネットワークを OVN を使って実装するという最終的なゴールへ向かって設定した作業の始まりを示しています。この一環として、既存の OVS の扱いをいくつか修正し、VLAN フィルタリングと設定レポートをいくつか LXD に追加しました。
データベースやクラスタリングロジックの改良、問題の修正、テストカバレッジの改良、パフォーマンスの改善にもかなりの努力が払われています。
最後の注目点はセキュリティです。我々がここ数ヶ月〜数年の間に行ってきたアップストリームのカーネルでの作業から利益が得られるようになっています。このような機能を使って競合状態を避けながら、全体的に LXD をスピードアップしています。
Enjoy!
新機能とハイライト ¶
ブリッジでの VLAN フィルタリング ¶
物理的なネットワークスイッチに精通している人は、ポートやボンディングにタグなしやタグ付きの VLAN を設定するのに慣れているでしょう。Linux のソフトウェアスイッチでも、タグなし VLAN のポートごとの選択や、タグ付き VLAN のリストを全く同じように扱えます。
今回のリリースで、LXD はネイティブな Linux のブリッジと OVS の両方をサポートするようになりました。
ブリッジされた nic での vlan と vlan.tagged 設定キーを通して実装されます。vlan プロパティはタグなし VLAN を制御します。一方で、vlan.tagged は通過させるカンマ区切りのタグ付き VLAN のリストです。
ネットワーク状態情報の拡張 ¶
/1.0/networks/NAME/state API エンドポイントが拡張され、ボンディングとブリッジ固有の詳細が表示できるようになりました。これにより、LXD ホストをリモートから調査するのが容易になりました。特にクラスターの場合に役に立ちます。
ボンディングの詳細は次のように見えます:
stgraber@castiana:~$ lxc query /1.0/networks/bond0/state | jq .bond
{
"down_delay": 500,
"lower_devices": [
"dum0",
"dum1"
],
"mii_frequency": 100,
"mii_state": "up",
"mode": "balance-rr",
"transmit_policy": "layer2",
"up_delay": 100
}
ブリッジの詳細は次のように見えます:
stgraber@castiana:~$ lxc query /1.0/networks/lxdbr0/state | jq .bridge
{
"forward_delay": 1500,
"id": "8000.06099e00b912",
"stp": false,
"upper_devices": [
"tap1053b4fd",
"tapef45d46d",
"veth1651f83f",
"veth8eb3fb1a"
],
"vlan_default": 1,
"vlan_filtering": true
}
カスタムの検索ドメインのサポート ¶
新たにネットワークで domain.search 設定キーが設定でき、これを使ってインスタンスに広告する検索のためのドメインのリストをカンマ区切りで設定するために使えます。
ネットワークリストの新たな IPv4 と IPv6 カラム ¶
lxc network list のデフォルト出力で新たに IPv4 と IPv6 のサブネットを表示するようになりました。
ネットワークを識別するのがかなり簡単になりました。
stgraber@castiana:~$ lxc network list +--------+----------+---------+----------------+---------------------------+-------------+---------+ | NAME | TYPE | MANAGED | IPV4 | IPV6 | DESCRIPTION | USED BY | +--------+----------+---------+----------------+---------------------------+-------------+---------+ | bond0 | bond | NO | | | | 0 | +--------+----------+---------+----------------+---------------------------+-------------+---------+ | eth0 | physical | NO | | | | 0 | +--------+----------+---------+----------------+---------------------------+-------------+---------+ | eth1 | physical | NO | | | | 0 | +--------+----------+---------+----------------+---------------------------+-------------+---------+ | lxdbr0 | bridge | YES | 10.166.11.1/24 | fd42:4c81:5770:1eaf::1/64 | | 16 | +--------+----------+---------+----------------+---------------------------+-------------+---------+ | wlan0 | physical | NO | | | | 0 | +--------+----------+---------+----------------+---------------------------+-------------+---------+
コンテナで mips と riscv64 の VM で s390x のサポート ¶
色々な MIPS バリアントのサポートが追加され、LXD で MIPS システムをビルドして実行できるようになりました。
RISC-V 64bit のサポートも追加され、コンテナで動作することを確認しました。
ubuntu@riscv64:~$ lxc list -cns46ta +------+---------+----------------------+-----------------------------------------------+-----------+--------------+ | NAME | STATE | IPV4 | IPV6 | TYPE | ARCHITECTURE | +------+---------+----------------------+-----------------------------------------------+-----------+--------------+ | b1 | RUNNING | 10.108.12.160 (eth0) | fd42:5832:5781:1eaf:216:3eff:fedd:884d (eth0) | CONTAINER | riscv64 | +------+---------+----------------------+-----------------------------------------------+-----------+--------------+
両方とも、事実上イメージが存在しないので、今の所は Busybox を使うしかありません。
VM 側では、s390x 仮想マシンのサポートを追加しました。
すべてのコンテナのサブプロセスで pidfd を使用 ¶
LXD はコンテナ由来の PID を受け取るサブプロセスを頻繁に生成します。 これは状況次第では競合状態になる可能性があります。プロセスが終了し、我々がそれを検知する前に PID がリサイクルされる可能性があり、偶然間違った相手とやりとりしてしまう可能性があります。
Linux カーネルの pidfd に関する @brauner 氏の作業はこれを修正することを目的としています。LXD と LXC は PID を渡すのではなく、可能な限りファイルディスクリプタを特定のプロセスに渡すようにしています。
LVM ボリュームは必要なときのみアクティブに ¶
LVM はインスタンスが実行されていない限り、LV を非アクティブに保つことにより、ZFS や CEPH と同じように動作します。これにより /dev が乱雑さが減少し、小さなパフォーマンスの向上につながる可能性があります。
DB クエリのトレースサポート ¶
LXD のデータベースクエリをデバッグするために、新たに trace オプションが追加されました。
デーモンを --debug --trace database オプション付きで起動すると、すべての SQL クエリがログに記録されます。
より良いクラスターライフサイクルの扱い ¶
最近、外部の dqlite/raft/libco プロジェクトに対する自動テストを拡張し、他のダウンストリームユーザーが発見した多数の問題を修正し、LXD のロジックの一部をアップストリームのコードベースに移動しました。
LXD のクラスタリングテストは、リーダーシップの変更、ノードの再起動、デグレードのセットアップのより多くのケースをテストするために拡張されました。
クラスター化された環境でよくある問題の原因は時間のズレ(Time skew)です。数秒以上ずれると、スケジュールされたタスクやイベントなどで大混乱が引き起こされる可能性があります。これを解決するために、LXD は時間のズレを検出する方法として内部的なハートビートを使います。そして検出されたり解決された場合にログに警告を出力するようになりました。
データベース関数のクリーンアップ ¶
データベースの面では、データベースロジックのより多くがコードジェネレーターに移動され、コードを書く際にミスをするリスクを制限しています。その結果、多数の関数が非推奨となり、コードパスの一部が単一のトランザクション内で実行されるように最適化されました。
すべての変更点(翻訳なし)¶
Here is a complete list of all changes in this release:
- shared/generate/db: Fix generation of Exists method
- lxd/db: Make generated code stable across "make update-schema" runs
- lxd/db: Leverage code-generation for certificates
- shared: Rewrite OpenPty without cgo
- openpty: use O_CLOEXEC directly
- openpty: use fchown()
- openpty: first unlock the master, then get a slave fd
- openpty: use TIOCGPTPEER if available
- lxd/storage/drivers/driver/lvm/utils: Adds lvmSnapshotSeparator constant and updates lvmFullVolumeName to use it
- lxd/storage/drivers/driver/lvm/utils: Adds lvmEscapedHyphen and updates lvmFullVolumeName usage
- lxd/storage/drivers/driver/lvm/utils: Adds parseLogicalVolumeSnapshot function
- lxd/storage/drivers/driver/lvm/utils: Adds tests for parseLogicalVolumeSnapshot
- lxd/storage/drivers/driver/lvm/volumes: Updates VolumeSnapshots to use parseLogicalVolumeSnapshot
- test: Adds tests for snapshot naming conflicts
- lxd/firewall/drivers: Fix nft syntax
- lxc/project: Fix remote handling
- tests: Fix bad project switch call
- lxd/seccomp: Fix profile conflict between projects
- lxd/storage/drivers/driver/lvm/utils: Adds activateVolume and deactivateVolume functions
- lxd/storage/drivers/driver/lvm/utils: Set --setactivationskip on in createLogicalVolume
- lxd/storage/drivers/driver/lvm/utils: Set --setactivationskip on in createLogicalVolumeSnapshot
- lxd/storage/drivers/driver/lvm/utils: Activate volume in copyThinpoolVolume when regeneration FS UUID
- lxd/storage/drivers/driver/lvm: Dont activate all volumes on pool mount
- lxd/storage/drivers/driver/lvm/volumes: Activate volume before generic copy in CreateVolumeFromCopy
- lxd/storage/drivers/driver/lvm/volumes: Activate volume in SetVolumeQuota
- lxd/storage/drivers/driver/lvm/volumes: Activate volume in MountVolume
- lxd/storage/drivers/driver/lvm/volumes: Deactivate volume in UnmountVolume
- lxd/storage/drivers/driver/lvm/volumes: Acticate volume before generic migrate in MigrateVolume
- lxd/storage/drivers/driver/lvm/volumes: Activate volume in MountVolumeSnapshot
- lxd/storage/drivers/driver/lvm/volumes: Deactivate volume in UnmountVolumeSnapshot
- lxd/storage/drivers/driver/lvm/volumes: Activate volume before FS UUID regen in RestoreVolume
- openpty: fix TIOCGPTPEER usage
- Make network address bind error fatal when clustered
- lxd/storage/drivers/driver/btrfs/utils: Renames metadatHeader to restorationHeader
- lxd/storage/drivers/driver/btrfs/volumes: d.restorationHeader usage
- lxd/storage/drivers/driver/btrfs/volumes: Clarifies comments in MigrateVolume
- lxd/storage/drivers/driver/btrfs/volumes: Adds safety net against failed matching of subvolumes
- lxd/storage/drivers/driver/btrfs/utils: Fix deleteSubvolume to support recursive delete with intermediate ro subvols
- lxd/storage/drivers/utils: Mark BTRFSSubVolumeMakeRo and BTRFSSubVolumeMakeRw deprecated
- lxd/storage/drivers/driver/btrfs/volumes: Updates RestoreVolume to restore subvolume ro property
- test: Adds BTRFS subvolume tests
- lxd/storage/memorypipe: Fixes issue with partial reads losing data
- lxd/storage/drivers/driver/btrfs/volumes: Restores subvolumes ro property in CreateVolumeFromCopy
- lxd/storage/drivers/driver/btrfs/utils: Adds marshal tags to BTRFSSubVolume and BTRFSMetaDataHeader
- lxd/device/nic/bridged: Updates github.com/mdlayher/netx/eui64
- fix IPVLAN docs
- lxd/cluster: Don't run a connection proxy when connecting with the Go dqlite client
- lxd/cluster: Extract dqlite network proxy logic to standalone function and support cancellation
- lxd/cluster: Use dqliteProxy in raftDial
- lxd/cluster: Use ReadClose() to gracefully stop the dqlite proxy
- lxd/device/device/utils/generic: Removes deviceNameEncode and deviceNameDecode
- lxd/storage/drivers/utils: Adds PathNameEncode and PathNameDecode
- lxd/device/device: PathNameEncode and PathNameDecode usage
- lxd/storage/drivers/driver/types: Adds OptimizedBackupHeader field to Info
- lxd/backup/backup: Adds OptimizedHeader field to Info struct
- lxd/backup: Updates backupWriteIndex to populate the OptimizedHeader field
- lxd/storage/drivers/driver/btrfs: Sets OptimizedBackupHeader to true in Info struct response
- lxd/storage/drivers/driver/btrfs/utils: Adds warning to BTRFSSubVolume and BTRFSMetaDataHeader about shared usage
- lxd/storage/drivers/driver/btrfs/volumes: Updates BackupVolume to add subvolumes to optimized backup file
- lxd/storage/drivers/interface: Update CreateVolumeFromBackup to pass srcBackup backup.Info
- lxd/storage/backend/lxd: Pass srcBackup in CreateInstanceFromBackup
- lxd/storage/drivers: CreateVolumeFromBackup srcBackup backup.Info usage
- lxd/backup/backup: Updates GetInfo to set optimizedHeaderFalse false if not present in yaml file
- lxd/storage/drivers/driver/btrfs/utils: Adds loadOptimizedBackupHeader
- lxd/storage/drivers/driver/btrfs/volumes: Updates CreateVolumeFromBackup to restore subvolumes using optimized header file
- lxd/storage/drivers/driver/btrfs/volumes: Simplifies parent volume logic in BackupVolume
- lxd/storage/drivers/driver/btrfs/volumes: Simplifies parent volume logic for MigrateVolume
- test: Adds BTRFS backup subvolume tests
- lxd/storage/drivers/driver/btrfs/utils: Removes receiveSubvolume
- lxd/storage/drivers/driver/btrfs/utils: Adds receiveSubVolume function
- lxd/storage/drivers/driver/btrfs/volumes: Updates CreateVolumeFromMigration to use receiveSubVolume
- lxd/resources/memory: Fix memory calculation
- lxd: Improve logging of shutdown errors
- lxd/instances/post: Delete restored instance on backup post hook failure
- Fix 'how to mount home directory' shiftfs FAQ
- shared: build fs_{32,64}bit.go on mips*
- lxd/util: build fs_{32,64}bit.go on mips*
- lxd/rsync: Adds optional rsync arguments to LocalCopy
- lxd/storage/utils: Fixes ImageUnpack to not erase generated rootfs block file when doing rsync
- ethtool: don't report -1 for speed in ethtoolLink()
- lxd/storage/quota/projectquota: Fixes leaking file handles in quota_set_path and quota_get_path
- lxd/storage/quota/projectquota: Adds inherit argument to quota_set_path
- lxd/storage/quota/projectquota: Updates SetProject to recursively set project and support non-directory files
- lxd/storage/drivers/driver/dir/utils: Updates deleteQuota to use DeleteProject
- lxd/storage/drivers/driver/dir/volumes: Adds quota revert in CreateVolumeFromBackup post hook
- Always skip offline servers when rebalancing
- When demoting a voter to spare, transition to stand-by first
- test/clustering: Make sure that a killed voter can't dsirupt current leader
- lxd/cluster: Use a dedicated channel to stop the dqlite proxy
- lxd: Call Daemon.Kill() also when receiving signals (so db transactions won't be retried)
- lxd/db: Add Cluster.Kill() method to prevent retrying upon shutdown
- lxd/firewall/drivers/driver/nftables/templates: Fixes proxy nat rule dynamic family
- shared/util_linux.go: cast Rdev uint64 for mips
- lxd/storage/quota/projectquota.go: cast Rdev uint64 for mips
- lxd/device/device_utils_unix.go: cast Rdev uint64 for mips
- lxd/device/gpu.go: cast Rdev uint64 for mips
- shared: Reimplement GetPollRevents without cgo
- lxd-agent: Build statically
- Drop gccgo
- lxd-p2c: Drop cgo
- shared/ucred: Cleanup package
- lxd/api: Don't strip double slashes
- lxd/operations: Improve error message when database insertion fails
- lxd/db: Change UpdateCertificate to RenameCertificate (only renaming supported)
- lxd/db: Rename containers.go to instances.go
- shared/generate/db: Statement for deleting references (config and devices)
- lxd/db: Generate delete stements for profile config and devices
- shared/generate/db: update statement: take ID instead of natural key
- shared/generate/db: Handle config and devices in Update method
- lxd/db: Generate Update method for profiles
- lxd: Plug new UpdateProfile() db method into doProfileUpdate
- lxd: Plug new UpdateProfile() db method into updatePoolPropertyForAllObjects
- lxd/db: Generate delete statements for instance config, devices and profiles
- lxd/db: Generate UpdateInstance method
- lxd/instance: Plug the new UpdateInstance method and replace legacy logic
- lxd/db: Drop AddDevicesToEntity
- lxd/storage/drivers/driver/common: Logging quoting consistency
- lxd/storage/drivers: Adds storage_lvm_skipactivation patch
- test: Drive-by fix for flaky clustering rebalance test
- Recommend to increase the value of aio-max-nr for production use
- lxd/firewall/firewall/interface: Change definition of Compat() to return compat issue error
- lxd/firewall/drivers/driver/nftables: Updates Compat() to return compat issues as error
- lxd/firewall/drivers/drivers/xtables: Updates Compat() to return compat issues as error
- shared/simplestreams: Support uefi1.img
- lxd/firewall/firewall/load: Updates driver detection to warn when falling back to non-compatible xtables
- lxd/storage/pools: Improves delete pool error info
- instance_exec: don't panic
- lxd/qemu: Handle quoted raw.qemu
- lxd/main_forkproxy: Reduce logging
- lxd/networks: Warn on small IPv6 subnets
- lxd/network: Force DHCP custom gateway
- api: Add network_dns_search
- lxd/network: Support specifying search domain
- lxc/list: Add disk and memory columns
- i18n: Update translation template
- lxd/storage/drivers: Make sure tar reader context is cancelled before defer
- lxc/list: Fix test
- shared/archive: Wraps cancelFunc to wait until unpacker process has finished in CompressedTarReader
- lxd/cluster: Transfer leadership before adjusting roles, not after
- lxd/cluster: Add time skew detection
- test: Wait a few more seconds for the rebalance to happen
- lxd/daemon.go: Don't try to rebalance after shutdown sequence has started
- lxd/cluster: Don't try to rebalance a standalone node
- lxc/ucred: Simplify logic
- lxd/qemu: Cleanup arch checks
- lxd/qemu: Add s390x support
- lxd/api: Fail /internal/ready requests made after shutdown has started
- lxc/config: Add -e shorthand
- lxc/network: Add IPv4/IPv6 columns
- forkfile: port to using pidfds
- forkmount: port to using pidfds
- forkproxy: port to using pidfds
- syscall_numbers: update
- forknet: port to pidfds
- forkuevent: port to pidfds
- forksyscall: port to pidfds
- daemon: record "pidfd" extension
- api: Add container_nic_routed_limits
- lxd/device/nic/routed: Add limits support
- lxd/storage/lvm: Correct bad VG name in patch
- shared/subprocess: Better handle slow systems
- tests: Don't assume bridge MTU can be forced up
- lxd/db: Use query.SelectString helper in GetLocalImages()
- lxd/db: Use query.SelectString helper in GetImagesFingerprints()
- shared/generate/db: Support int64 fields
- lxd/db: Initial code generation for images (without references)
- lxd/db: Use the generated GetImages code to implement GetExpiredImages
- lxd/db: Use query.SelectObjects helper in GetImageSource
- lxd/db: Use query.SelectStrings helper in ImageSourceGetCachedFingerprint
- lxd/db: Use query.Count helper in ImageExists
- lxd/db: Use query.Count helper in ImageIsReferencedByOtherProjects
- lxd/db: Use query.UpsertObject helper in CreateImageSource
- lxd/db: Use auto-generated GetImages() to implement GetImage()
- lxd/cluster: Drive-by fix for flaky rebalance test
- lxd/db: Use auto-generated GetImages to implement GetImageFromAnyProject
- lxd/db: Usage query.DeleteObject to implement DeleteImage
- lxd/db: Use query.SelectStrings to implement GetImageAliases
- lxd/db: Use a single transaction in GetImageAlias
- lxd/db: Use a single transaction in DeleteImageAlias
- lxd/db: Use single transaction in CreateImageAlias
- lxd/db: Usage single transaction in CreateImage
- lxd/db: Use query.SelectIntegers helper in GetPoolsWithImage
- lxd/db: Use a single transaction in GetPoolNamesFromIDs
- lxd/db: Use explicit transaction in GetInstanceProjectAndName
- lxd/db: Drop unused DeleteInstanceConfig
- fork*: add "--" to not misinterpret negative integers as flags
- lxd/storage/utils: Removes unused name arg from VolumeFillDefault
- lxd/instance/drivers: storagePools.VolumeFillDefault usage
- lxd/patches: driver.VolumeFillDefault usage
- lxd/storage/utils: VolumeFillDefault usage
- lxd/storage/utils: Updates VolumeValidateConfig to require volume type
- lxd/storage/utils: Adds VolumeDBTypeToType function
- lxd/storage/utils: Updates VolumeDBCreate to pass volume type
- lxd/storage/drivers/utils: Updates ensureVolumeBlockFile to reject unsafe volume shrinking
- lxd/storage/drivers/geneirc/vfs: Removes genericVFSResizeBlockFile
- lxd/storage/drivers: ensureVolumeBlockFile usage
- lxd/storage/drivers/volume: Adds SetQuota function
- lxd/storage/drivers/volume: Adds config functions
- lxd/storage/drivers/driver/lvm/utils: Removes functions moved into Volume struct
- lxd/storage/drivers/driver/lvm/utils: Usage of volume config functions
- lxd/storage/drivers/driver/lvm/volumes: Volume config function usage
- lxd/storage/drivers: Replace volumeSize() with vol.ConfigSize()
- forknet: add missing "--" to forknet invocation on detach
- process_utils: remove a bunch of unused functions
- lxd: Make use of ExitCode
- share/subprocess: Reduce sleep back to 5
- lxd/instances/lxc: Fix calls to forknet
- forkmount: prevent interpreting negative numbers as flags
- shared/subprocess: Ensure monitor routine exits
- shared/subprocess: Properly reset state
- tests: Fix btrfs test on non-shiftfs
- tests: Old kernels don't let you rmdir btrfs
- shared/subprocess: Fix Stop handling
- lxd/storage/utils: Updates ImageUnpack to detect too small volume for qcow2 image and increase size before unpack
- lxd/storage/utils: Adds checks to ImageUnpack before enlarging volume
- lxd/storage/drivers/driver/types: Updates VolumeFiller Fill function to take a Volume
- lxd/storage: Updates volume filler usage to supply Volume rather than mount path
- lxd/storage/drivers/volume: Adds ConfigSizeFromSource function
- lxd/storage/drivers/driver/lvm/utils: Updates copyThinpoolVolume to only use vol.config["size"] for resizing
- lxd/storage/drivers/driver/lvm/utils: Updates Volume type in createLogicalVolumeSnapshot definition
- lxd/storage/drivers/driver/common: Adds runFiller function
- lxd/storage/backend/lxd: Updates imageFiller to return volume size
- lxd/storage/backend/lxd: Updates CreateInstanceFromImage to load image vol DB record
- lxd/storage/backend/lxd: Updates EnsureImage to record volatile.rootfs.size for block images
- lxd/storage/drivers/driver/types: Updates VolumeFiller definition to store size
- lxd/storage/utils: Validates volatile.rootfs.size key for image volumes in validateVolumeCommonRules
- lxd/storage/utils: Updates ImageUnpack to return image virtual size
- lxd/storage/drivers/driver/btrfs/volumes: d.runFiller usage
- lxd/storage/drivers/driver/ceph/volumes: d.runFiller usage
- lxd/storage/drivers/driver/cephfs/volumes: d.runFiller usage
- lxd/storage/drivers/driver/dir/volumes: d.runFiller usage
- lxd/storage/drivers/driver/lvm/volumes: d.runFiller usage
- lxd/storage/drivers/driver/zfs/volumes: d.runFiller usage
- lxd/storage/drivers/volume: Adds SetConfigSize function
- lxd/storage/backend/lxd: Updates CreateInstanceFromImage to use vol.ConfigSizeFromSource to dervice volume size
- lxd/storage/drivers: Updates CreateVolumeFromCopy to only use vol.config["size"] for resizing
- lxd: Reduce number of transactions in containerPostClusteringMigrate
- lxd/db: Use query.SelectStrings helper in LegacyContainersList
- lxd/db: Rename dbDeviceTypeToString to deviceTypeToString
- lxd/db: Group ClusterTx image methods together
- lxd/db: Rename ImageSourceGetCachedFingerprint to GetCachedImageSourceFingerprint
- lxd/storage/drivers/utils: ensureVolumeBlockFile comment clarification
- lxd/storage/drivers/utils: Renames BlockDevSizeBytes to BlockDiskSizeBytes
- lxd/storage/utils: drivers.BlockDiskSizeBytes usage
- lxd/storage/utils: Simplifies InstanceDiskBlockSize with drivers.BlockDiskSizeBytes usage
- lxd/storage/drivers/generic/vfs: Simplifies genericVFSBackupVolume with drivers.BlockDiskSizeBytes usage
- lxd/storage/backend/lxd: Whitespace in CreateInstanceFromBackup
- lxd/storage/drivers/driver/ceph/volumes: BlockDiskSizeBytes usage in SetQuota
- lxd/storage/drivers: Updates dir and btrfs to support filler volume enlargement
- lxd/db: Group ClusterTx instance methods together
- lxd/db: Rename AddProfilesToInstance to addProfilesToInstance
- lxd/db: Move instance backup methods to backups.go
- lxd/db: Rename InstanceBackupArgs to InstanceBackup
- lxd/db: Remove unused profile functions
- lxd/db: Move storage volumes methods to storage_volumes.go
- lxd/storage/drivers/volume/test: Adds tests for Volume.ConfigSizeFromSource()
- forkuevent: fix slice allocation
- lxd/images: Set CreatedAt on publish
- unix-hotplug: fix uevent injection
- lxd: New command line option to trace SQL statements
- lxd/firewall/drivers/drivers/xtables: Updates iptablesInUse to kill process once first rule found
- lxd/backup: Fixes hang in backupCreate when invalid compression argument supplied
- lxd/storage/utils: Removes duplicated qemu-img call in ImageUnpack
- lxd/storage/utils: Switch to qemu-img dd mode in ImageUnpack
- lxd/storage/drivers/utils: Exports MinBlockBoundary
- lxd/storage/drivers: MinBlockBoundary usage
- lxd/resources: Handle missing cache size/type
- Update documentation with backup compression
- lxd/rbac: New notification API
- lxd/firewall/nft: Enhance support detection
- lxd/device/device/utils/network: Adds networkValidVLAN and networkValidVLANList functions
- lxd/network/network/utils: Adds linux bridge VLAN management functions
- lxd/network: Enable VLAN filtering for managed Linux bridges
- lxd/device/nic: Changes nicValidationRules to properly validation vlan
- lxd/device/nic/bridged: Adds vlan validation
- lxd/device/nic/bridged: Adds revert for veth pair cleanup on error
- lxd/device/nic/bridged: Adds support for untagged and tagged vlan membership
- doc: Documents NIC bridged vlan and vlan.tagged settings
- api: Adds API extension instance_nic_bridged_vlan
- lxd/firewall/drivers/drivers/xtables: Drops tagged vlan frames when using IP filtering
- lxd/firewall/drivers/drivers/nftables: Drops tagged vlan frames when using IP filtering
- test: Adds bridged VLAN tests
- Fix regression in GetImageFromAnyProject
- doc/security: Adds notes about IPv6 router advertisement security
- lxd/device/nic/bridged: Corrects vlan comment
- lxd/network/network/utils: Improve comments on ovs switch attach/detach
- lxd/network/network/utils: Improves arg name in network attach/detach functions
- lxd/device/bic/bridged: Fixes openvswitch port leak when device is stopped
- lxd/network/utils: Adds IsNativeBridge function
- lxd/device/device/utils/network: Allow VLAN ID 0 in networkValidVLAN
- test: Updates bridged vlan ID range tests
- lxd/device/nic/bridged: Adds openvswitch vlan support
- test: Adds LXD_NIC_BRIDGED_DRIVER test environment variable
- lxd/maas: Fix support for multiple subnets
- lxd/maas: Support projects
- lxd/dnsmasq: Add project suffix
- Remove incorrect statement about supported network devices with virtual machines According documentation supported types with virtual machines are physical, bridged, macvlan, p2p, sriov
- lxd/rbac: Fix auth for non-RBAC trusted clients
- global: Add riscv64 to build tags
- Stop using Driver.SetContextTimeout() which is a no-op
- use the coreos fork of boltdb since the original is archived/abandoned
- i18n: Update translations from weblate
- api: Add network_state_bond_bridge
- shared/api: Extend NetworkState for bridge/bond
- lxd/networks: Add bridge/bond details
試用環境 ¶
この新しい LXD リリースは私たちの デモサービス で利用できます。
ダウンロード ¶
このリリースの tarball は ダウンロードページ から取得できます。
ビルド済みバイナリーは次のように使えます:
- Linux: snap install lxd
- MacOS: brew install lxc
- Windows: choco install lxc
LXD 4.1 リリースのお知らせ¶
8th of May 2020
はじめに ¶
LXD チームは、LXD 4.1 のリリースをお知らせすることにとてもワクワクしています!
このリリースは 4.0 LTS リリースに続く初めてのフィーチャーリリースです。 通常のフィーチャーリリースですので、LXD 4.1 は、通常は約 1 ヶ月後にリリースされる 4.2 リリースまでのみサポートされます。
変更の大部分は、4.0 リリース以来行ってきたバグフィックスとリファクタリングです。しかし、多数の小さい機能の追加や改良が多数あります。
Enjoy!
新機能とハイライト ¶
イメージのプッシュとリレーのサポート ¶
インスタンスのコピー・移動と同様に、ソースサーバーが直接ターゲットサーバーにイメージをプッシュしたり、クライアントツールがサーバー間を中継したりできるようになりました。
これにより、サーバー間に存在するファイアウォールに対応するのが容易になります。
lxc image copy source:some-image target: --mode=push lxc image copy source:some-image target: --mode=relay
routed NIC デバイスのルーティングテーブルサポート ¶
routed NIC デバイスに新たにオプションがふたつ追加されました:
- ipv4.host_table
- ipv6.host_table
このオプションは、どのルーティングテーブルにルーティングルールを挿入するかをコントロールします。 デフォルトでは、これはメインのルーティングテーブルですが、これを有効にすることで代替のルーティングテーブルを使いたいというユーザーがいました。
ipvlan NIC デバイスの L2 モード ¶
LXD の ipvlan デバイスはデフォルトでは Layer 3 シンメトリックモード(l3s)です。しかし、新たな mode オプションが導入され、Layer 2 モード(l2)も使えるようになりました。
リソース API の調整 ¶
新たに system セクションが追加され、多数の DMI フィールドと LXD を実行するのに使っているシステムのタイプ(物理、仮想、コンテナ)が表示されるようになりました。
加えて、NUMA ノードが CPU スレッドレベルでトラッキングされるようになり、CPU ダイの情報もコアレベルで記録されるようになりました。
次は CPU 出力の例です:
stgraber@castiana:~$ lxc query /1.0/resources | jq .cpu
{
"architecture": "x86_64",
"sockets": [
{
"cache": [
{
"level": 1,
"size": 32768,
"type": "Data"
},
{
"level": 1,
"size": 32768,
"type": "Instruction"
},
{
"level": 2,
"size": 262144,
"type": "Unified"
},
{
"level": 3,
"size": 3145728,
"type": "Unified"
}
],
"cores": [
{
"core": 0,
"die": 0,
"frequency": 639,
"threads": [
{
"id": 0,
"numa_node": 0,
"online": true,
"thread": 0
},
{
"id": 2,
"numa_node": 0,
"online": true,
"thread": 1
}
]
},
{
"core": 1,
"die": 0,
"frequency": 658,
"threads": [
{
"id": 1,
"numa_node": 0,
"online": true,
"thread": 0
},
{
"id": 3,
"numa_node": 0,
"online": true,
"thread": 1
}
]
}
],
"frequency": 648,
"frequency_minimum": 400,
"frequency_turbo": 3500,
"name": "Intel(R) Core(TM) i5-7300U CPU @ 2.60GHz",
"socket": 0,
"vendor": "GenuineIntel"
}
],
"total": 4
}
次はシステム出力の例です:
stgraber@castiana:~$ lxc query /1.0/resources | jq .system
{
"chassis": {
"serial": "PF0QD1U7",
"type": "Notebook",
"vendor": "LENOVO",
"version": "None"
},
"family": "ThinkPad X1 Carbon 5th",
"firmware": {
"date": "02/17/2020",
"vendor": "LENOVO",
"version": "N1MET60W (1.45 )"
},
"motherboard": {
"product": "20HRCTO1WW",
"serial": "L1HF6CX006Y",
"vendor": "LENOVO",
"version": "Not Defined"
},
"product": "20HRCTO1WW",
"serial": "PF0QD1U7",
"sku": "LENOVO_MT_20HR_BU_Think_FM_ThinkPad X1 Carbon 5th",
"type": "physical",
"uuid": "7fa1c0cc-2271-11b2-a85c-aab32a05d71a",
"vendor": "LENOVO",
"version": "ThinkPad X1 Carbon 5th"
}
サーバー情報への OS データの追加 ¶
OS 情報が /1.0 と lxc info で出力されるようになりました:
stgraber@castiana:~$ lxc info | grep os_ os_name: Ubuntu os_version: "20.04"
新たな lxd cluster remove-raft-node コマンド ¶
この新たに追加されたコマンドは、LXD がデータベースのクオラムの不足で起動できない場合に、強制的にデータベースメンバーを削除するのに使えます。
コマンドラインツールの表のソートの改良 ¶
リストは自然な順序でソートされるようになり、番号付きのアイテムが適切にソートされるようになりました。 加えて、ボリュームのリストでは、スナップショットが親のすぐ後に表示されるようになりました。
すべての変更点(翻訳なし)¶
以下はこのリリースでの全変更の完全なリストです:
- doc/instances: Fix escaping
- lxc/network: Updates network detach checks to use bridged network property
- lxd/network/network/utils: Updates network setting detection in IsInUse
- lxd/instance/drivers/driver/qemu: Adds host_name info to RenderState when lxd-agent is running
- Merge pull request #7115 from tomponline/tp-bridged-network
- lxd/networks: Fix clustered configs
- Merge pull request #7114 from stgraber/master
- shared/api: Move NUMANode to thread
- lxd/resources: Set NUMANode on a per-thread basis
- lxc/info: Update for NUMANode on thread
- i18n: Update translation templates
- api: resources_cpu_threads_numa
- Merge pull request #7118 from stgraber/master
- api: resources_cpu_core_die
- lxd/resources: Parse and report die_id
- lxd/storage/drivers/driver/lvm/volumes: Mount xfs snapshot with nouuid option
- Merge pull request #7120 from stgraber/master
- lxd/storage/drivers/driver/ceph/volumes: Adds mounting logging
- lxd/instance/drivers/driver/lxc: Updates Render() to accept options arguments
- lxd/instance/drivers/driver/qemu: Updates Render() to accept options arguments
- lxd/instance/instance/interface: Updates Render() to accept options arguments
- lxd/storage/drivers/utils: Zeros btrfs transaction log in regenerateFilesystemBTRFSUUID
- lxd/storage/utils: Removes unused functions and constants
- lxd/storage/utils: Adds RenderSnapshotUsage function
- lxd/instance/snapshot: Adds storagePools.RenderSnapshotUsage to Render() in containerSnapshotsGet and snapshotGet
- lxd/instance/drivers/driver/lxc: Use storagePools.RenderSnapshotUsage in RenderFull()
- lxd/instance/drivers/driver/qemu: Use storagePools.RenderSnapshotUsage in RenderFull()
- lxd/instance/instance/utils: Removes unused WriteBackupFile
- lxd/storage/drivers/utils: Changes regenerateFilesystemUUID to use expanded arg definitions
- lxd/storage/drivers/driver/ceph/utils: Changes generateUUID to not map device
- lxd/storage/drivers/driver/ceph/volumes: d.generateUUID updated signature usage
- lxd/storage/drivers/driver/ceph/volumes: Adds BTRFS UUID regeneration to MountVolumeSnapshot
- lxd/storage/drivers/driver/zfs/volumes: Comment clarification
- lxd/storage/drivers/volume: Adds support for setting custom mount path
- lxd/storage/drivers/driver/btrfs/volumes: Create temporary snapshot in BackupVolume()
- lxd/storage/drivers/driver/btrfs/volumes: Renames container vars to instance
- lxd/storage/drivers/driver/btrfs/volumes: Consistent quoting of error message variables
- Merge pull request #7117 from tomponline/tp-storage-mountsnapshots-uuid
- Merge pull request #7122 from tomponline/tp-storage-export-snapshots
- lxd/main_activateifneeded: s/container/instance/
- lxd/instance/drivers: Removes storagePools.RenderSnapshotUsage from RenderFull()
- lxd/storage/drivers/driver/zfs/volumes: Create temporary snapshot in BackupVolume()
- lxd/storage/backend/lxd: Checks for existence of volume before deleting
- lxd/instance: Switches to revert package for instanceCreateAsSnapshot
- lxd/storage/backend/lxd: Comment tweak
- lxd/storage/drivers/driver/ceph/volumes: Tweaks HasVolume detection
- Merge pull request #7129 from tomponline/tp-storage-renderfull
- Merge pull request #7131 from tomponline/tp-storage-export-snapshots-zfs
- shared/subprocess/proc: Fixes race in process stopping
- Merge pull request #7132 from tomponline/tp-storage-delete-volume-checks
- lxd/main_activateifneeded: Retrieve all instances
- lxd/main_activateifneeded: Check for scheduled instance snapshots
- lxd/main_activateifneeded: Check for scheduled volume snapshots
- test/suites/basic: Update activateifneeded tests
- lxd/main_activateifneeded: Use defer statement to close db
- Merge pull request #7128 from monstermunchkin/issues/7126
- lxd/storage/btrfs: Workaround permission issue
- Merge pull request #7134 from stgraber/master
- lxd/cluster: add RemoveRaftNode() to force removing a raft node
- api: Add "DELETE /internal/cluster/raft/" endpoint
- Increase timeout when calling dqlite.Client.Add() to join the cluster
- Merge pull request #7139 from freeekanayaka/increase-join-timeout
- lxd/storage/drivers/driver/zfs/volumes: Comment
- lxd/storage/drivers/driver/lvm/volumes: Always return -1/ErrNotSupported for snapshot usage
- lxd/storage/drivers/driver/dir/volumes: Always return -1/ErrNotSupported for snapshot usage
- lxd/storage/drivers/driver/zfs/volumes: Always used 'used' property for ZFS snapshot usage
- lxd/storage/drivers/driver/cephfs/volumes: Always return -1/ErrNotSupported for snapshot usage
- lxd/storage/drivers/driver/btrfs/volumes: Return -1/ErrNotSupported when no quota available
- lxd/instance: Fix typo in comment
- lxc/action: Fix typo in help message
- i18n: Update translation templates
- Merge pull request #7142 from stgraber/master
- lxd: Add "lxd cluster remove-raft-node" recovery command
- doc: Add paragraph about "lxd cluster remove-raft-node"
- test: Add test exercising "lxd cluster remove-raft-node"
- Merge pull request #7141 from tomponline/tp-storage-snapshot-usage
- Merge pull request #7138 from freeekanayaka/remove-raft-node
- lxd/storage/lvm: Always call vgchange on mount
- Merge pull request #7146 from stgraber/master
- lxd/patches: Fix snapshot migration
- tests: Fix btrfs storage usage
- Merge pull request #7147 from stgraber/master
- lxd/storage/drivers/volume: Only chmod if needed in EnsureMountPath
- lxd/storage/drivers/volume: Removes unnecessary variable
- lxd/storage/drivers/driver/zfs/volumes: Ensure volumes created from copy have correct perms
- lxd/storage/drivers: Call EnsureMountPath() in MountVolume()
- lxd/storage/drivers: Call EnsureMountPath() in MountVolumeSnapshot()
- lxd/storage/drivers/driver/btrfs/volumes: Adds revert to CreateVolume
- lxd/storage/drivers/driver/btrfs/volumes: Comment in CreateVolumeFromCopy
- lxd/storage/drivers/driver/lvm/utils: EnsureMountPath after copying thin volume
- lxd/storage/drivers/driver/cephfs/volumes: typo
- lxd/storage/drivers/driver/cephfs/volumes: Calls vol.EnsureMountPath after filling
- lxd/storage/drivers/driver/ceph/volumes: Calls EnsureMountPath to fix perms after copying volume
- lxd/storage/drivers/driver/lvm/volumes: Fixes temporary snapshot volume cleanup for VMs
- Merge pull request #7144 from tomponline/tp-storage-snapshot-mnt-create
- lxd/storagr/drivers/driver/ceph/volumes: Adds support for snapshot usage reporting
- lxd/storage/drivers/driver/lvm/volumes: Clarifies comments on LVM volume usage reporting
- Merge pull request #7151 from tomponline/tp-storage-ceph-snapshot-usage
- shared/osarch: Coding style
- shared/osarch: Don't fail on missing os-release
- shared/api: Add OS information
- lxd/api: Add OS information
- api: Add api_os
- lxc: Use natural string sorting
- lxc: Group snapshot and parent
- lxd/main: Move forkzfs mntns to cgo
- Merge pull request #7154 from stgraber/master
- Merge pull request #7155 from stgraber/cli
- Merge pull request #7156 from stgraber/zfs
- doc/networks: Adds note about firewalld and DHCP/DNS
- Merge pull request #7158 from tomponline/tp-bridged-firewalld
- lxd/device/nic/routed: Improves validation of sysctl settings when using vlan option
- lxd/device/nic/routed: Corrects misleading error message when setting sysctls
- Merge pull request #7159 from tomponline/tp-nic-routed-validation
- lxd/storage/drivers/generic/vfs: Log when creating snapshots
- lxd/storage/drivers/driver/zfs/volumes: Fix migrating VM block volumes in MigrateVolume
- lxd/storage/memorypipe: Adds context support for cancellation
- lxd/storage/backend/lxd: memorypipe cancellation usage
- lxd/device/nic/sriov: Updates networkGetVirtFuncInfo to use json output from ip tool
- Merge pull request #7160 from tomponline/tp-storage-vm-migration
- doc: Add missing os_api extension
- Merge pull request #7165 from stgraber/master
- Merge pull request #7163 from tomponline/tp-nic-sriov
- lxd/storage/drivers/driver/dir/utils: Removes default project quota
- Merge pull request #7166 from tomponline/tp-storage-dir-quota
- forkexec: mark fd cloexec so the attaching process doesn't inherit it
- Merge pull request #7167 from brauner/2020-04-10/fixes
- forkexec: close all inherited fds
- Merge pull request #7168 from brauner/2020-04-10/fixes
- forkexec: log unexpected fds
- Merge pull request #7169 from brauner/2020-04-10/fixes
- lxd/daemon: Ignore .zfs in volumes
- Merge pull request #7170 from stgraber/master
- lxd/network: Push MTU over DHCP
- Merge pull request #7171 from stgraber/master
- shared/api: Drop invalid Managed key in NetworksPost
- lxd: Drop invalid use of Managed property
- Merge pull request #7173 from stgraber/network
- lxd/devices/disk: Prevent recursive & readonly
- Merge pull request #7177 from stgraber/master
- lxc/instance/drivers: Set new name before renaming backups
- test: Extend backup rename
- lxd/instance/drivers: Add revert steps when renaming instance
- Merge pull request #7182 from monstermunchkin/issues/7176
- lxd/instance/drivers/driver/qemu: Allow up to 8 NIC devices
- lxd/instance/drivers/driver/qemu/templates: Note that lxd_ disk device name prefix should not be changed
- Merge pull request #7185 from tomponline/tp-vm-pci
- Merge pull request #7183 from tomponline/tp-vm-device-comment
- doc/instances: Clarify config conditions
- doc/index: Clarify bind-mount in FAQ
- Merge pull request #7186 from stgraber/master
- lxd/instances: Better use userRequested on Update
- Merge pull request #7190 from stgraber/master
- lxd/device/nic: Adds host_table setting validation rule
- lxd/device/nic/routed: Fix sysctl command suggestion when using vlans
- lxd/device/nic/routed: Add host_table support
- api: Adds container_nic_routed_host_table extension
- doc: Adds documentation for routed NIC host_table setting
- suites/container/devices/nic/routed: Adds tests for custom routing tables
- Merge pull request #7192 from tomponline/tp-nic-routed-hosttable
- lxd/device/nic/ipvlan: Improve validation of sysctl settings when vlan setting used
- lxd/device/nic/ipvlan: Adds host_table setting support
- api: Adds container_nic_ipvlan_host_table extension
- doc: Adds documentation for ipvlan NIC host_table setting
- test/suites/container/devices/nic/ipvlan: Adds tests for custom routing tables
- test/clustering: increase timing to detect offline node
- Merge pull request #7193 from tomponline/tp-nic-ipvlan-hosttable
- api: Adds container_nic_ipvlan_mode extension
- lxd/device/nic/ipvlan: Adds support for l2 mode
- doc/instances: Documents ipvlan l2 mode
- test/suites/container/devices/nic/ipvlan: Adds l2 mode tests
- Merge pull request #7197 from freeekanayaka/tweak-clustering-membership-test-timings
- Merge pull request #7196 from tomponline/tp-nic-ipvlan-l2
- shared/version/api: Add resources_system API extension
- doc/api-extensions: Add resources_system
- shared/api/resource: Add system resources
- lxd/resources: Add new system resources
- lxd/resources: Retrieve system information
- shared/util: Never look into the snap
- Merge pull request #7194 from monstermunchkin/issues/7189
- Merge pull request #7198 from stgraber/master
- lxd/resources: serial/uuid may not be accessible
- Merge pull request #7201 from stgraber/master
- doc/instances: Fixes default ceph.cluster_name value
- lxd/device/disk: Adds support to use ceph: prefix for disk source for VMs
- Merge pull request #7206 from tomponline/tp-vm-disk-ceph
- firewalld & lxd : how to let Firewalld control the LXD's iptables rules this is related to https://github.com/lxc/lxd/pull/7195 but this a bit more generic
- Update networks.md
- Merge pull request #7204 from kerphi/patch-2
- doc/networks: Fix typo
- i18n: Update translations from weblate
- Update networks.md
- Merge pull request #7210 from ckd/patch-1
- lxd/storage/ceph: Support alternate conf syntax
- Merge pull request #7211 from stgraber/master
- lxd/init: Try to bind LXD network address when running interactively
- lxd/instance/drivers/driver/qemu/templates: Use static PCIe address prefix for 9p devices
- lxd/instance/drivers/drivers/qemu: Adds support for 9p disk device PCIe indexes
- Merge pull request #7213 from freeekanayaka/validate-listen-address
- Merge pull request #7214 from tomponline/tp-vm-pcie
- lxd/device/nic/bridged: Dont load br_netfilter
- Merge pull request #7217 from tomponline/tp-nic-bridged-brnetfilter
- doc/instances: Fix swapped description
- Merge pull request #7219 from stgraber/master
- index.md: add PATH env variable to sudo command example
- Merge pull request #7220 from rafaeldtinoco/master
- shared/simplestreams: Fix VM image preference
- Merge pull request #7225 from stgraber/master
- lxd/devoce/device/utils/disk: Comment on diskCephfsOptions
- lxd/device/disk: Adds cephfs support for VMs
- lxd/device/proxy: Check for br_netfilter enabled and log warning if not
- lxd/firewall/drivers/driver/xtables: Adds MASQUERADE hairpin proxy NAT rule
- lxd/firewall/drivers/drivers/xtables: comments
- Merge pull request #7226 from tomponline/tp-vm-disk-cephfs
- lxd/device/proxy: Sets bridge port hairpin mode on when br_netfilter loaded
- lxd/firewall/drivers/drivers/xtables: Renames toDest to connectDest
- lxd/firewall/drivers/drivers/nftables: Renames toDest to connectDest
- lxd/init: Improve error messages when failing to bind an address
- lxd/firewall/drivers/drivers/nftables: Adds MASQUERADE hairpin proxy NAT rule
- Merge pull request #7227 from freeekanayaka/improve-cant-listen-error-message
- test/suites/container/devices/proxy: Updates tests for checking hairpin rule
- Merge pull request #7228 from tomponline/tp-nic-bridged-nat-hairpin
- lxd/instance/drivers/driver/qemu: Wait for onStop when restarting
- lxd/instance/drivers/driver/qemu: Makes onStop unexported
- lxd/instance/drivers/driver/qemu: Comment
- Merge pull request #7229 from tomponline/tp-vm-restart
- lxd/instance/lxc: Don't crash in setNetworkPriority
- Merge pull request #7230 from stgraber/master
- lxd/instances: Export type to templates
- lxd-agent: Reboot after cloud-init seed
- lxd/util: Tweak NetworkInterfaceAddress to only return global
- Merge pull request #7231 from stgraber/master
- Merge pull request #7232 from stgraber/net
- lxd/net/util: Updates comment on NetworkInterfaceAddress behaviour change
- Merge pull request #7234 from tomponline/tp-util-networkinterfaceaddress
- shared/usbid: Use system database
- Merge pull request #7235 from stgraber/master
- lxd-agent: Support systemd-notify
- lxd/qemu: Switch default unit type to notify
- Merge pull request #7236 from stgraber/master
- lxd/storage/backend/lxd: Updates CreateInstanceFromImage to use reverter
- lxd/storage/drivers/errors: Adds ErrCannotBeShrunk error
- lxd/storage/drivers/utils: Updates to shrinkFileSystem ErrCannotBeShrunk error
- lxd/storage/backend/lxd: Updates CreateInstanceFromImage to detect ErrCannotBeShrunk
- lxd/storage/drivers: Returns ErrCannotBeShrunk when block volume cannot be shrunk
- lxd/device/proxy: Dont allow proxy_protocol to be set when in nat mode
- lxd/device/proxy: Dont wrap lines
- lxd/device/proxy: Improves validation
- test/suites/container/devices/proxy: Updates tests with new validation rules
- Merge pull request #7238 from tomponline/tp-storage-cached-size
- lxd: Updates snapshotProtobufToInstanceArgs to support instance type
- Merge pull request #7240 from tomponline/tp-proxy-validation
- Merge pull request #7241 from tomponline/tp-migration-inst-type
- lxd/qemu: Match basic NUMA layout
- Merge pull request #7243 from stgraber/master
- lxd/storage/drivers/driver/zfs/volumes: Delete volume on error in CreateVolumeFromCopy
- lxd-agent/main/agent: Adds comment about reason for systemd-notify usage
- Merge pull request #7245 from tomponline/tp-vm-agentstart
- lxd/cgroup: Fix memory controller detection
- Merge pull request #7244 from tomponline/tp-storage-zfz-revert
- lxd/migration/migrate/proto: Fix alignment
- lxd/migration: Adds volumeSize field to MigrationHeader
- lxd/migrate: Adds VolumeSize to MigrationSinkArgs
- lxd/migration/migration/volumes: Adds VolumeSize to VolumeTargetArgs
- lxd/migrate/instance: Use VolumeSize from offer header in Do()
- lxd/storage/backend/lxd: Use VolumeSize from migration header in CreateInstanceFromMigration
- lxd/storage/drivers: Exports BlockDevSizeBytes function
- lxd/storage/utils: Adds InstanceDiskBlockSize
- lxd/migrate/instance: Populate offerHeader.VolumeSize for VMs
- lxd/storage/backend/lxd: Adds VM volume size hint to CreateInstanceFromCopy
- Merge pull request #7248 from stgraber/master
- Merge pull request #7246 from tomponline/tp-migration-volsize
- lxd/device/utils: Do not add the Ceph mon port if already present in /etc/ceph config file
- Merge pull request #7249 from leopaul36/master
- lxd/instance/qemu: Add comment on cpuTopology
- lxd/storage/ceph: Support port in URL
- Merge pull request #7251 from stgraber/master
- lxd/storage/drivers/utils: Makes minBlockBoundary available to other functions
- lxd/storage/drivers/driver/zfs/utils: Updates createVolume to use minBlockBoundary
- lxd/storage/drivers/driver/zfs/volumes: Updates SetVolumeQuota to use minBlockBoundary
- lxd/storage/drivers/zfs/volumes: Updates CreateVolume to allow regeneration of deleted image volumes
- lxd/storage/drivers/driver/zfs/volumes: Dont revert on rename success
- Merge pull request #7250 from tomponline/tp-storage-image-regeneration
- shared/version/api: Add API extension images_push_relay
- doc: Add images_push_relay
- client/interfaces: Add Mode to ImageCopyArgs
- lxc/image: Add mode flag to image copy
- client: Add relay mode for image copy
- lxd/images: Return token response in push mode
- lxd/images: Allow authentication using secret
- shared/api/image: Add ImageExportPost
- client: Add ExportImage to ImageServer
- lxd/images: Add POST /1.0/images/fingerprint/export
- client: Add push mode for image copy
- client: Add GetOperationWaitSecret
- lxd/images: Use metadata from the client
- lxd/images: Return operation on token validation
- lxd/images: Add secret metadata on image create
- client/lxd_images: Set fingerprint and secret headers
- lxd/operations: Allow untrusted clients for /1.0/operations/{id}/wait
- doc/rest-api: Add POST /1.0/images/
/export - test/suites/remote: Add image copy push and relay mode
- po: Update translations
- lxd/daemon: Remove duplicated logic
- Merge pull request #7130 from monstermunchkin/issues/6805
- lxd/instance/qemu: Announce LXD in SMBIOS
- Merge pull request #7255 from stgraber/master
- share/usbid: Don't print error when missing
- Merge pull request #7257 from stgraber/master
- lxd/init: Auto-detect and use Ubuntu ZFS setup
- Merge pull request #7261 from stgraber/master
- lxc/config: Add --expanded to get
- i18n: Update translation templates
- Merge pull request #7267 from stgraber/master
- Resolve both core.https_address and cluster.https_address when comparing IPs
- Merge pull request #7269 from freeekanayaka/allow-using-hostnames-as-cluster-addresses
- lxd/storage/drivers/generic/vfs: Skip missing files during export
- Merge pull request #7271 from tomponline/tp-backup-walk-missing
- lxd/images: Fixes hang in export when invalid --compression argument passed
- Merge pull request #7272 from tomponline/tp-export-hang
- lxd/storage/drivers/driver/btrfs/volumes: CreateVolumeFromCopy only use expan