News¶

LXD 4.6 リリースのお知らせ¶

18th of September 2020

はじめに ¶

LXD チームは LXD 4.6 のリリースをお知らせできることにとてもワクワクしています!

このリリースは短い開発サイクルでしたが、それでもかなり忙しいリリースでした。

このリリースのハイライトは、LXD プロジェクト内にネットワークを置くことができるようになったことに間違いありません。これで共有 LXD 環境内に自前のネットワークが作成できるようになりました。

Enjoy!

新機能とハイライト ¶

プロジェクト内のネットワーク ¶

OVN ネットワークに関するこれまでの作業をもとに、プロジェクト内に新たに features.networks が設定できるようになりました。これによりプロジェクトは OVN ベースで、他のプロジェクトから見えない自身のネットワークを持てるようになりました。

stgraber@castiana:~$ lxc network list
+---------+------+---------+-----------------+---------------------------+-------------------------------------+---------+---------+
|  NAME   | TYPE | MANAGED |      IPV4       |           IPV6            |             DESCRIPTION             | USED BY |  STATE  |
+---------+------+---------+-----------------+---------------------------+-------------------------------------+---------+---------+
| default | ovn  | YES     | 10.187.181.1/24 | fd42:bb2b:e7d1:f3ba::1/64 | Default OVN network for the project | 3       | CREATED |
+---------+------+---------+-----------------+---------------------------+-------------------------------------+---------+---------+

この機能を有効にすると、ホストインタフェースと OVN 以外のネットワークは見えなくなり、プロジェクトが直接所有するネットワークだけが残ります。

qemu 用の AppArmor プロファイル ¶

過去のリリースでの色々なサブプロセスに対する AppArmor プロファイルの生成に加えて、このリリースでは LXD 仮想マシンで使う qemu の制約が設定されるようになりました。

このリリースで raw.apparmor を仮想マシンに導入します。これは raw.qemu と同時に使われるときのみ有効です。通常の LXD 設定オプションは LXD が生成したプロファイルによって処理されます（そうでなければバグです）。

Dqlite の変更 ¶

LXD 4.5 をリリースした直後に、dqlite に大きな変更が加えられました。

ファイルシステムへの書き込みをインターセプトして、他のノードへのレプリケーションを行うためのフックを追加した sqlite3 のフォークに頼るのでなく、標準の sqlite3 から VFS アクセスを取得するこれまでとは異なるアプローチを使用するようになりました。

これはユーザーからは見えませんが、カスタムの sqlite3 と libco というふたつの依存関係を削除することで、パッケージを作成する際の助けになるでしょう。

dqlite を使う LXD は、標準の sqlite3 3.25 以上を使えるようになりました。

すべての変更点（翻訳なし） ¶

このリリースでの完全な変更点のリストは次のとおりです:

• shared/log15: Fix due to recent unix change
• Handle signals in non-interactive sessions.
• Fix hang when control is not provided in non-interactive mode.
• lxd/db/cluster: Fix incorrect storage volume node IDs
• lxd/db/cluster: Fix node id nil values
• lxd/storage/volumes: Only apply config changes when restoring snapshot if non-nil config is supplied
• lxd/network/driver/bridge: Exclude /32 underlay addresses from overlay address generation
• lxd/network/driver/ovn: Removes unnecessary dnsmasq logic in deleteParentPortBridge
• lxd/device/device/utils/network: Removes networkRandomDevName
• lxd/network/network/utils: Adds RandomDevName function
• lxd/device: network.RandomDevName usage
• lxd/network: Adds Description function
• api: Adds network_bridge_ovn_bridge API extension
• lxd/network/driver/ovn: Updates parentPortBridgeVars to use ovn.ovs_bridge from parent network
• lxd/network/driver/bridge: Adds ovn.ovs_bridge config key for OVN networks using bridge as parent
• doc/api: Removes underscore escaping when used inside backticks
• doc/networks: Adds ovn.ovs_bridge key to bridge networks
• lxd/instance/drivers: Fixes crash when removing device that cant be loaded
• lxd/db/cluster: Adds networks to project usage view
• lxc/storage_volume: Fix usage string
• po: Update translations
• lxd/network/driver/ovn: Add and delete local chassis ID to HA chassis group on start/stop
• lxd/network/openvswitch/ovn: Adds ChassisGroupChassisDelete function
• lxd/network/driver/ovn: Adds ovn.name setting to store OVN logical network name
• doc/networks: Adds ovn.name to OVN network doc
• api: Adds network_ovn_name API extension
• lxd/drivers/qemu: Use gic-version=max on aarch64
• seccomp: fix compilation on kernels without proper bpf.h
• lxc/config: Update wording for profile/config
• i18n: Update translation templates
• lxc/export: Support writing to stdout
• Drop custom SQLite and libco
• validate: Consider + as unsafe in URL
• lxd/instance/snapshots: Restrict naming
• db: Handle NULL storage_volume description column in patch 34
• lxd/storage/drivers/utils: Corrects argument order of mkfs in makeFSType for wider compatibility
• Revert "api: Adds network_ovn_name API extension"
• Revert "doc/networks: Adds ovn.name to OVN network doc"
• Revert "lxd/network/driver/ovn: Adds ovn.name setting to store OVN logical network name"
• Revert "doc/networks: Adds ovn.ovs_bridge key to bridge networks"
• Revert "lxd/network/driver/bridge: Adds ovn.ovs_bridge config key for OVN networks using bridge as parent"
• Revert "lxd/network/driver/ovn: Updates parentPortBridgeVars to use ovn.ovs_bridge from parent network"
• lxd/network/driver/ovn: Removes unused import
• lxd/network/driver/ovn: Removes unnecessary network ID lookup
• lxd/api/cluster: Start networks after cluster join
• lxd/networks: Only call n.Start() during doNetworksCreate if client type isn't joiner
• lxd/network/driver/ovn: Adds pause between chassis group entry deletion and uplink port removal
• lxd/network/driver/ovn: parentPortBridgeVars whitespace
• Revert "api: Adds network_bridge_ovn_bridge API extension"
• lxd/db/cluster/update: Adds features.networks to default project
• lxd/project: Adds NetworkProject function
• lxd/db/networks: Updates networkState and usage to support projects
• lxd/db/networks: Updates getNetwork and usage to support projects
• lxd/network/network/utils: Updates IsInUseByInstance to translate instance's project to a network project
• lxd/network/network/utils: Updates isInUseByDevices to support projects
• lxd/network/network/utils: Updates IsInUseByProfile to accept a db.Profile rather than api.Profile
• lxd/network/network/utils: Updates UpdateDNSMasqStatic to use default project
• lxd/network/network/utils: Updates GetLeaseAddresses to use default project
• lxd/network/network/utils: Adds UsedBy function and unexports related functions not used elsewhere
• lxd/db/networks: Updates GetNonPendingNetworks to return a map of project networks
• lxd/network/driver/ovn: Updates parentAllAllocatedIPs to use update GetNonPendingNetworks
• lxd/network/network/utils: Adds network usage by other networks detection in UsedBy
• lxd/network/driver/common: Updates IsUsed to use UsedBy
• lxd/network/driver/bridge: Adds existing interface check as Create function
• lxd/network/driver/bridge: Push down interface name conflict check to Rename
• lxd/network/driver: Removes duplicated "in use" check that is now done at top level
• lxd/profiles/utils: Renames project arg to projectName in doProfileUpdate
• lxd/profiles: Updates usage of ValidDevices in profilesPost
• lxd/patches: Updates to support network projects
• lxd/networks/utils: Removes networkGetInterfaces function
• lxd/networks/utils: Updates networkUpdateForkdnsServersTask to support projects
• lxd/networks: Updates networkPost validation
• lxd/networks: Updates networksGet to support projects
• lxd/networks: Updates networksPost to support projects
• lxd/networks: Updates networksPostCluster to support projects
• lxd/networks: Updates doNetworksCreate to support projects
• lxd/networks: Updates networkGet to support projects
• lxd/networks: Updates doNetworkGet to support projects and to use network.UsedBy
• lxd/networks: Updates networkDelete to support projects
• lxd/networks: Updates networkPost to support projects
• lxc/networks: Updates networkPut to support projects
• lxd/networks: Updates doNetworkUpdate to support projects
• lxd/networks: Updates networkLeasesGet to support network projects
• lxd/networks: Updates networkStartup and networkShutdown to load networks from all projects
• lxd/network/network/load: Updates load functions to support projects
• lxd/network/network/interface: Adds project name to init function
• lxd/network/driver/common: Adds project support
• lxd/network/driver/ovn: Load parent network from default project
• lxd/device/nictype: Adds conversion of device project to network project for NICType validation
• lxd/instance/instance/utils: Project name is needed to validate instance devices
• lxd/instance: instance.ValidDevices project argument usage
• lxd/instance/drivers/driver/lxc: instance.ValidDevices project usage
• lxd/instance/drivers/driver/lxc: Error quoting
• lxc/instance/drivers/driver/lxc: nictype.NICType project usage
• lxd/instance/drivers/driver/qemu: instance.ValidDevices project usage
• lxd/instance/drivers/driver/qemu: nictype.NICType project usage
• lxd/instance/drivers/load: Adds project support to validDevices
• lxd/device/device/load: Adds project support to load function
• lxd/device/device/utils/network: Use default project for veth route functions
• lxd/device/nic/bridged: Use default project for bridge networks
• lxd/device/nic/macvlan: Use default project for macvlan networks
• lxd/device/nic/ovn: Load parent network's project from instance's project
• lxd/device/nic/sriov: Use default project for parent network
• lxd/device/proxy: NICType project usage
• lxd/network/driver/common: Send project when notifying nodes of network changes
• lxd/networks: Send project when creating network on remote node
• lxd/db/migration/test: Add network project support
• lxd/cluster/membership/test: Add network project support
• lxd/api/cluster: Uses default project for networks during cluster join
• lxd/networks: Updates networksPostCluster to use tx.GetNetworkID with project
• lxd/db/networks: Adds project support to CreatePendingNetwork
• lxd/db/networks: Adds project support to GetNetworkID
• lxd/db/networks/test: Updates GetNetworkID usage with project
• shift_linux: tweak ACL handling
• tar_write: switch to PAXRecords to preserve ACLs too
• doc/projects: Adds features.networks
• lxc/project: Adds features.networks to project list output
• lxd/api/project: Adds features.networks support but does not enable by default
• lxd/init: Updates initDataNodeApply to return a revert function
• lxd/main/init: Updates Run to use revert
• lxd/api/cluster: Adds project support for networks
• lxd/api/cluster: Updates clusterPutJoin to use revert
• lxd/api/cluster: Updates clusterInitMember to return a revert function
• lxd/api/cluster: Logging quoting
• lxd/api/cluster: clusterPutJoin project support
• lxd/api/cluster: clusterInitMember project support
• lxd/api/cluster: Adds NetworksPost to internalClusterPostNetwork
• lxd/api/cluster: Checks network types match in clusterCheckNetworksMatch
• lxd/init: Adds internalClusterPostNetwork to initDataNode
• lxd/init: initDataNodeApply project support
• lxd/init: initDataNodeApply comment consistency
• lxd/main/init/auto: Updates RunAuto to send internalClusterPostNetwork
• lxd/main/init/dump: Updates RunDump to use internalClusterPostNetwork
• lxd/main/init/interactive: Updates RunInteractive to use internalClusterPostNetwork
• lxd/main/init/interactive: Updates askNetworking to use internalClusterPostNetwork
• lxd/network: Adds Info struct and function
• lxd/network/network/load: Renames ValidateName to ValidateNameAndProject
• lxd/network/driver/ovn: Adds Info function
• lxd: network.ValidateNameAndProject usage
• lxd/network/driver/ovn: deleteParentPort fixed to allow deletion of network with no parent
• lxd/project: Updates NetworkProject to return project config
• doc/project: Adds limits.networks setting
• lxd/api/project: Adds limits.networks setting
• lxd/networks: Enforces limits.networks in networksPost
• lxd: project.NetworkProject usage
• lxd/networks: Don't allow non-default network projects to access info about the physical interfaces in doNetworkGet
• lxd/api/cluster: Create or update local node projects to sync with cluster in clusterInitMember
• i18n: Update translation templates
• shift_linux: handle ACL unshifting correctly
• shift_linux: handle capability unshifting correctly
• shift_linux: converty to CBytes not to CString
• lxc/utils: Add usage function
• lxc: Drop command name from translation
• i18n: Update translation template
• shared/subprocess: Set err on non-zero
• lxd/instances/qemu: Use subprocess
• lxd/instance: Add DevPaths
• lxd/apparmor: Fix unload/delete
• lxd/apparmor/instance: Sort context
• lxd/apparmor: Prepare for qemu
• lxd/apparmor: Add qemu profile
• lxd/instance/drivers/driver/qemu: Switch to threads locking mode and writeback cache mode for BTRFS
• doc/instance: raw.apparmor now implemented for VM
• lxd/apparmor: Tweak qemu profile for non-snap
• shared/idmap/shift/linux: Handle nil IdmapSet in UnshiftACL and UnshiftCaps
• shared/instancewriter/instance/tar/writer: Handle nil idmapSet and log shifting errors in WriteFile
• lxc: Better handle arguments
• lxc: Unbundle sortorder
• lxd/util/sys: Fixes GetExecPath when lxd binary has been removed/changed
• lxd/db/images: Error message uppercase first letter
• i18n: Update translations from weblate
• lxd/instance: Adds instanceImageTransfer and updates instanceCreateFromImage to use it
• lxd/daemon/images: Error quoting
• lxd/daemon/image: Adds logic to download image from another cluster node into ImageDownload
• lxd/db/images/test: Fixes tests for LocateImage
• test/suites/clustering: Adds test for image transfer between cluster nodes
• bash-completion: use "list --format=csv" consistently
• bash-completion: use regex grouping for lxc start
• lxd/instance/qemu: Fix mem device naming
• proxy bind= should accept host|instance as the doc says
• Valid proxy type= values are all lower case so fix doc
• s/descriptros/descriptors/
• Revert "lxd/network/driver/bridge: Exclude /32 underlay addresses from overlay address generation"
• lxd/network/driver/bridge: Skip lo interface when generating fan overlay address in addressForSubnet

試用環境 ¶

この新しい LXD リリースは私たちの デモサービス で利用できます。

ダウンロード ¶

このリリースの tarball は ダウンロードページ から取得できます。

ビルド済みバイナリーは次のように使えます:

• Linux: snap install lxd
• MacOS: brew install lxc
• Windows: choco install lxc

LXD 4.5 リリースのお知らせ¶

29th of August 2020

はじめに ¶

LXD チームは LXD 4.5 のリリースをお知らせできることにとてもワクワクしています!

これは LXD の非常に忙しいリリースです。主なハイライトは、ネットワークオプションに OVN が加わったことであることは間違いありません。

さらに、bpf システムコールのインターセプトと pts デバイスの新たな割り当てロジックという、コンテナサポートで歓迎すべき改良がいくつか加わりました。

最後に、リモートストレージの改良と新しい AppArmor プロファイルに対する改良による、セキュリティとクラスタリングに対する素晴らしい改良が行われました。

Enjoy!

新機能とハイライト ¶

OVN 仮想ネットワークの初期サポート ¶

LXD 4.5 には OVN 仮想ネットワークのサポートが含まれます。

これは通常の LXD が管理するネットワークとして定義でき、これまでのブリッジと非常に似ています。しかし、クラスターノードをまたぐことができますし、サブネットが重複したり競合したりできます。

これは OVN を使って実現されています。そして、次の LXD リリースでは LXD プロジェクト内部のネットワークの基礎となります。LXD の OVN ネットワークは、親となる管理されたネットワークが必要です。現状では管理されたブリッジのみがサポートされます（SR-IOV と macvlan は 4.6 で対応予定）。

現時点では、ホスト上で OVN と Open vSwitch がセットアップされていれば、LXD で仮想ネットワークを作成できますし、通常のブリッジに対する方法と同じようにインスタンスに接続できます。

（4.5 の snap を使った Ubuntu 20.04 LTS での実行例です）

root@nuc01:~# apt install ovn-host ovn-central --yes
[snip]

root@nuc01:~# snap install lxd --channel=latest/candidate
lxd (candidate) 4.5 from Canonical✓ installed
root@nuc01:~# ovs-vsctl set open_vswitch . \
>   external_ids:ovn-remote=unix:/var/run/ovn/ovnsb_db.sock \
>   external_ids:ovn-encap-type=geneve \
>   external_ids:ovn-encap-ip=172.17.16.139
root@nuc01:~# lxd init --auto
root@nuc01:~# lxc network list
+--------+----------+---------+----------------+---------------------------+-------------+---------+
|  NAME  |   TYPE   | MANAGED |      IPV4      |           IPV6            | DESCRIPTION | USED BY |
+--------+----------+---------+----------------+---------------------------+-------------+---------+
| br0    | bridge   | NO      |                |                           |             | 0       |
+--------+----------+---------+----------------+---------------------------+-------------+---------+
| br-int | bridge   | NO      |                |                           |             | 0       |
+--------+----------+---------+----------------+---------------------------+-------------+---------+
| eno1   | physical | NO      |                |                           |             | 0       |
+--------+----------+---------+----------------+---------------------------+-------------+---------+
| lxdbr0 | bridge   | YES     | 10.19.114.1/24 | fd42:56de:74c7:40f5::1/64 |             | 1       |
+--------+----------+---------+----------------+---------------------------+-------------+---------+
root@nuc01:~# lxc network set lxdbr0 ipv4.dhcp.ranges=10.19.114.2-10.19.114.199
root@nuc01:~# lxc network set lxdbr0 ipv4.ovn.ranges=10.19.114.200-10.19.114.254
root@nuc01:~# lxc network set lxdbr0 ipv6.ovn.ranges=fd42:56de:74c7:40f5::200-fd42:56de:74c7:40f5::254
root@nuc01:~# lxc network create my-virtual-01 network=lxdbr0 --type=ovn
Network my-virtual-01 created
root@nuc01:~# lxc network create my-virtual-02 network=lxdbr0 --type=ovn
Network my-virtual-02 created
root@nuc01:~# lxc network list
+---------------+----------+---------+-----------------+---------------------------+-------------+---------+
|     NAME      |   TYPE   | MANAGED |      IPV4       |           IPV6            | DESCRIPTION | USED BY |
+---------------+----------+---------+-----------------+---------------------------+-------------+---------+
| br0           | bridge   | NO      |                 |                           |             | 0       |
+---------------+----------+---------+-----------------+---------------------------+-------------+---------+
| br-int        | bridge   | NO      |                 |                           |             | 0       |
+---------------+----------+---------+-----------------+---------------------------+-------------+---------+
| eno1          | physical | NO      |                 |                           |             | 0       |
+---------------+----------+---------+-----------------+---------------------------+-------------+---------+
| lxdbr0        | bridge   | YES     | 10.19.114.1/24  | fd42:56de:74c7:40f5::1/64 |             | 1       |
+---------------+----------+---------+-----------------+---------------------------+-------------+---------+
| lxdovn1       | bridge   | NO      |                 |                           |             | 0       |
+---------------+----------+---------+-----------------+---------------------------+-------------+---------+
| my-virtual-01 | ovn      | YES     | 10.178.251.1/24 | fd42:39c7:797c:7977::1/64 |             | 0       |
+---------------+----------+---------+-----------------+---------------------------+-------------+---------+
| my-virtual-02 | ovn      | YES     | 10.82.211.1/24  | fd42:5045:b316:b251::1/64 |             | 0       |
+---------------+----------+---------+-----------------+---------------------------+-------------+---------+
root@nuc01:~# lxc network create my-virtual-03 network=lxdbr0 ipv4.address=10.82.211.1/24 ipv6.address=fd42:5045:b316:b251::1/64 --type=ovn
Network my-virtual-03 created
root@nuc01:~# lxc network list
+---------------+----------+---------+-----------------+---------------------------+-------------+---------+
|     NAME      |   TYPE   | MANAGED |      IPV4       |           IPV6            | DESCRIPTION | USED BY |
+---------------+----------+---------+-----------------+---------------------------+-------------+---------+
| br0           | bridge   | NO      |                 |                           |             | 0       |
+---------------+----------+---------+-----------------+---------------------------+-------------+---------+
| br-int        | bridge   | NO      |                 |                           |             | 0       |
+---------------+----------+---------+-----------------+---------------------------+-------------+---------+
| eno1          | physical | NO      |                 |                           |             | 0       |
+---------------+----------+---------+-----------------+---------------------------+-------------+---------+
| lxdbr0        | bridge   | YES     | 10.19.114.1/24  | fd42:56de:74c7:40f5::1/64 |             | 1       |
+---------------+----------+---------+-----------------+---------------------------+-------------+---------+
| lxdovn1       | bridge   | NO      |                 |                           |             | 0       |
+---------------+----------+---------+-----------------+---------------------------+-------------+---------+
| my-virtual-01 | ovn      | YES     | 10.178.251.1/24 | fd42:39c7:797c:7977::1/64 |             | 0       |
+---------------+----------+---------+-----------------+---------------------------+-------------+---------+
| my-virtual-02 | ovn      | YES     | 10.82.211.1/24  | fd42:5045:b316:b251::1/64 |             | 0       |
+---------------+----------+---------+-----------------+---------------------------+-------------+---------+
| my-virtual-03 | ovn      | YES     | 10.82.211.1/24  | fd42:5045:b316:b251::1/64 |             | 0       |
+---------------+----------+---------+-----------------+---------------------------+-------------+---------+

このセットアップでは、3 つの OVN ネットワークが存在します。そのうち 2 つは意図的に全く同じ IPv4/IPv6 サブネットを共有しており、分離された状態を見ることができます。

root@nuc01:~# lxc init images:ubuntu/20.04 u1
Creating u1
root@nuc01:~# lxc init images:ubuntu/20.04 u2
Creating u2
root@nuc01:~# lxc init images:ubuntu/20.04 u3
Creating u3
root@nuc01:~# lxc config device add u1 eth0 nic name=eth0 network=my-virtual-01
Device eth0 added to u1
root@nuc01:~# lxc config device add u2 eth0 nic name=eth0 network=my-virtual-02
Device eth0 added to u2
root@nuc01:~# lxc config device add u3 eth0 nic name=eth0 network=my-virtual-03
Device eth0 added to u3
root@nuc01:~# lxc start u1 u2 u3
root@nuc01:~# lxc list         
+------+---------+---------------------+-----------------------------------------------+-----------+-----------+
| NAME |  STATE  |        IPV4         |                     IPV6                      |   TYPE    | SNAPSHOTS |
+------+---------+---------------------+-----------------------------------------------+-----------+-----------+
| u1   | RUNNING | 10.178.251.2 (eth0) | fd42:39c7:797c:7977:216:3eff:fe3a:6498 (eth0) | CONTAINER | 0         |
+------+---------+---------------------+-----------------------------------------------+-----------+-----------+
| u2   | RUNNING | 10.82.211.2 (eth0)  | fd42:5045:b316:b251:216:3eff:fe7d:7826 (eth0) | CONTAINER | 0         |
+------+---------+---------------------+-----------------------------------------------+-----------+-----------+
| u3   | RUNNING | 10.82.211.2 (eth0)  | fd42:5045:b316:b251:216:3eff:fe9d:52af (eth0) | CONTAINER | 0         |
+------+---------+---------------------+-----------------------------------------------+-----------+-----------+

bpf システムコールインターセプションの初期実装 ¶

bpf システムコールに対するシステムコールインターセプションを有効化できるようになりました。これはコンテナの security.syscalls.intercept.bpf を使ってコントロールできます。

この機能を有効にした場合、特定のタイプの bpf プログラムを有効にしなければなりません。現時点では、security.syscalls.intercept.bpf.devices のみをサポートします。この機能は、device cgroup に紐付けられたプログラムをコンテナ内から読み込めるようにしています。

警告: 実際のプログラムで行われるバリデーションは、ホストからの明確な DoS を避けるための単純なサイズチェックのみです。この機能を有効にしたコンテナでは、かなり複雑な bpf プログラムをロードできます。そしてコンテナのスコープ外の情報を取得する可能性があります。信用できないコンテナに対しては許可するべきではありません。

ネイティブなターミナルデバイスの割り当てのサポート ¶

これまで、lxc exec のような操作のためのデバイス割り当てはホストシステムの devpts を通して行われていました。これは、コンテナのファイルシステムにアクセスしたり、ユーザーがコンテナ内の /dev/pts を何か悪意のあるものでマスクしたりすることを防ぐためのセキュリティの手段として行われていました。しかし、このアプローチには問題があります。コンテナ内部で見える制御デバイスは（外部に属するため）解決できないからです。

カーネルと LXC の作業で、コンテナ起動時に最初にマウントされる devpts インスタンスを安全に追跡できるようになりました。そして、コンテナ内の現在のマウントテーブルとやりとりすることなく、デバイスを割り当てできるようになりました。

これによる目に見える効果には次のようなものがあります。stdin/stdout/stderr 上で何かをリダイレクトする時に AppArmor ポリシーが混乱しにくくなったり、他の様々なソフトウェアが is-a-tty タイプのチェックを行うようなことがより通常の方法で動作するようになったりしました。

VGA コンソールが Windows 上で動くようになりました ¶

Windows ユーザーは、virt-viewer を　Chocolatey 経由かマニュアルでインストールできるようになりました。インストールすると、仮想マシンで lxc console --type=VGA を実行した場合に自動的にそれを検出し、使います。

リモートのストレージプールの扱いの改良 ¶

これまで、リモートのストレージプールにあるカスタムボリュームの処理方法は、クラスターメンバーごとにひとつのレコードを持つことで行われていました。これは、特にスナップショットを考慮すると、多数の重複するデータが生じていました。

スナップショットについては、ボリュームの重複のために、自動化されたスナップショットが各クラスターメンバーごとに発生し、意図したよりも多くのスナップショットと全体的な負荷につながっていました。

新たなデータベースの設計でこれはすべて解決しました。この設計では、シングルボリュームのエントリーが保持され、クラスター化されているとマークされます。したがって、特定のクラスターメンバーに結び付けられることはなくなりましたし、スケジュールされたスナップショットは、安定したハッシュメカニズムを使ってクラスター全体に分散するようになり、現在オンラインのクラスターメンバーがそれをどのように処理するかを決定します。

forkdns と forkproxy が AppArmor の制限のもとで実行されるようになりました ¶

LXD 4.4 での dnsmasq の制限に続き、LXD 4.5 では forkdns も制限するようになりました。このプロセスは、LXD クラスター上で Fan ベースのネットワークが実行されているときに使います。その名前のとおり、forkdns はすべてのクラスターメンバーに対するクエリを効果的に複製することで DNS 処理を行います。この制限により、重要なデータへのアクセスによる攻撃の可能性を防ぐことができます。

同様に、NAT ではない proxy デバイスで使われる forkproxy も、自身の AppArmor プロファイルを持っています。これは、アクセスする前提であるソケットと、プロキシーを行うのに必要なカーネルインフラストラクチャーの部分のみに制限をします。

lxc move でクラスターのターゲットを指定できるようになりました ¶

クラスター外部からクラスターにインスタンスを移動する際、--target を与えることで、インスタンスをホストするクラスターメンバーを指定できるようになりました。

すべての変更点（翻訳なし） ¶

このリリースでの完全な変更点のリストは次のとおりです:

• lxc/move: Allow --target with cluster destination
• i18n: Update translation templates
• lxd/networks: Validate network config before starting networks on startup
• lxd/network/driver/common: Call init() in update() to consistency apply new internal state
• lxd/device/device/utils/network: Removes networkDHCPValidIP
• lxd/dnsmasq/dhcpalloc: Adds static DHCP allocation package for dnsmasq
• lxd/dnsmasq: Renames DHCPStaticIPs to DHCPStaticAllocation
• lxd/dnsmasq: Renames DHCPAllocatedIPs to DHCPAllAllocations
• lxd/network/network/utils: Removes GetIP
• lxd/network/network/utils: dhcpalloc.GetIP usage
• lxd/network/network/utils: dnsmasq.DHCPStaticAllocation usage
• lxd/network/network/interface: Changes of functions to accomodate dhcpalloc package
• lxd/network/driver/common: Implements default no-op function for non-dhcp enabled networks
• lxd/network/driver/common: dhcpalloc.DHCPRange usage
• lxd/network/driver/bridge: dhcpalloc package function usage
• lxd/network/driver/bridge: DHCPv4Subnet and DHCPv6Subnet implementations
• lxd/device/nic/bridged: Comment correction
• lxd/device/nic/bridged: n.DHCPv4Subnet and n.DHCPv6Subnet usage
• lxd/device/nic/bridged: dnsmasq.DHCPStaticAllocation usage
• lxd/device/nic/bridged: dhcpalloc.DHCPValidIP usage
• lxd/device/nic/bridged: Switches static DHCP allocation for IP filtering to dnsmasq/dhcpalloc
• lxd/main_activateifneeded: Clarify 'No DB' debug statements
• lxd/cluster: Fix failure domain updates
• tests: Fix failure domain test
• doc: s/container/instance/g
• doc/backup: Add note about the snap mntns
• lxd/apparmor: Don't fail on missing apparmor
• shared/validate: Makes IsUint32 non-optional
• lxd: Wraps validate.IsUint32 in validate.Optional
• shared/instance: Wraps validate.IsUint32 in validate.Optional
• shared/validate: Makes IsUint8 non-optional
• lxd/network/driver/bridge: Wraps validate.IsUint8 in validate.Optional
• shared/validate: Makes IsPriority non-optional
• shared/instance: Wraps validate.IsPriority in validate.Optional
• shared/validate: Makes IsBool non-optional
• lxd: Wraps validate.IsBool in validate.Optional
• shared/instance: Wraps validate.IsBool in validate.Optional
• shared/validate: Makes IsSize non-optional
• lxd: Wraps validate.IsSize in validate.Optional
• shared/instance: Wraps validate.IsSize in validate.Optional
• shared/validate: Makes IsNetworkAddress non-optional
• lxd: Wraps validate.IsNetworkAddress in validate.Optional
• shared/validate: Makes IsNetworkV4 non-optional
• lxd/network/driver/bridge: Wraps validate.IsNetworkV4 in shared.Optional
• shared/validate: Makes IsNetworkAddressV4 non-optional
• lxd/device/nic: Wraps validate.IsNetworkAddressV4 in validate.Optional
• lxd/device/nic/ipvlan: Wraps validate.IsNetworkAddressV4 in validate.Optional
• lxd/device/nic/ipvlan: Fixes incorrect IPv4 address check in IPv6 context
• lxd/network/driver/bridge: Wraps validate.IsNetworkAddressV4 in validate.Optional
• shared/validate: Makes IsNetworkAddressCIDRV4 non-optional
• lxd: Wraps validate.IsNetworkAddressCIDRV4 in validate.Optional
• shared/validate: Makes IsDeviceID non-optional
• lxd/device: Wraps validate.IsDeviceID in validate.Optional
• shared/validate: Makes IsNetworkV6 non-optional
• shared/validate: Makes IsNetworkAddressCIDRV6 non-optional
• lxd: Wraps validate.IsNetworkAddressCIDRV6 in validate.Optional
• shared/validate: Makes IsNetworkAddressV6 non-optional
• lxd: Wraps validate.IsNetworkAddressV6 in validate.Optional
• lxd/device/nic/ipvlan: validate.IsNetworkAddressVX tweaks
• lxd/device/nic/routed: Wraps validate.IsNetworkAddressV4List in validate.Optional
• lxd: Wraps validate.IsNetworkV4List and validate.IsNetworkV6List in validate.Optional
• shared/validate: Tweaks IsNetworkVLAN error message ordering
• shared/validate: comment spacing
• daemon: check whether shiftfs is useable
• lxd/network/network/utils: Renames ValidNetworkName to validInterfaceName
• lxd/network/network/utils: Adds validVirtualNetworkName
• lxd/network/network/interfaces: Adds ValidateName
• lxd/network/driver/bridge: Implements ValidateName
• lxd/network/driver/macvlan: Implements ValidateName
• lxd/network/driver/sriov: Implements ValidateName
• lxd/network/network/load: Adds ValidateName helper function
• lxd/main/init/interactive: Switches to network.ValidateName for bridge validation
• lxd/networks: Switches to network.ValidateName
• lxd/storage/utils: Simplifies error message from ValidName
• doc/networks: Fixes typo in bridge docs
• lxd/cluster/config: Fix import ordering of external package
• lxd/network/openvswitch: Name functions consistently using ObjectAction format
• lxd/network/driver/bridge: OVS function naming usage
• lxd/network/network/utils: OVS function naming usage
• lxd/device/nic/bridged: OVS function naming usage
• lxd/storage/locking: Moves package to lxd/locking
• lxd/locking: Renames variables to make them generic
• lxd/storage/drivers/utils: Adds OperationLockName function
• lxd/network/network/interface: Adds ID() function
• lxd/network/driver/common: Implements ID() function
• lxd/storage: locking.Lock usage with OperationLockName wrapper
• lxd/resources: Fix total memory for per NUMA node
• lxd: enable safe native container terminal allocation
• lxd/rsync: Don't pass --bwlimit when no limits set
• exec: fix OpenPtyInDevpts()
• test/suites/storage: LVM size tweaks
• lxd/instance/drivers/driver/lxc: Adds nil check in getLxcState
• client/operations: Fixes race conditions
• lxd/operations: Fixes race conditions
• client: More races fixed
• Makefile: Adds race target for enabling race detector
• Makefile: Correctly builds lxd-p2c and lxd-agent in debug and nocache targets
• client/operations: Race fix
• lxd/db: Adds mutex to fix races
• lxd/operations: Fixes races
• shared/validate: Adds IsURLSegmentSafe function
• lxd/network/driver/common: Adds common ValidateName function
• lxd/network/driver/bridge: Changes ValidateName to use common validation too
• lxd/network/driver: Removes ValidateName from sriov and macvlan
• lxd/network/network/load: Adds field name context to name validation errors
• lxd/network/network/utils: Removes validVirtualNetworkName
• lxd/networks: Returns network context on network startup failure
• shared/validate: Adds Required() and makes Optional() accept multiple validators
• lxd/network/driver/bridge: Don't allow stable volatile MAC with fan network
• lxd/network/driver/bridge: Don't allow hwaddr to be set in fan mode
• seccomp: update comment about blocking the new mount api
• syscall_numbers: fix pidfd_open() definition
• lxd_seccomp: add SECCOMP_IOCTL_NOTIF_ADDFD definitions and types
• checkfeature: check for seccomp notify fd injection feature
• syscall_numbers: add pidfd_getfd()
• syscall_numbers: add bpf()
• seccomp: report helpful errors when determining support for features
• seccomp: handle liblxc sending the notify fd as part of the seccomp message
• seccomp: enable bpf in unprivileged containers
• doc: add security.syscalls.intercept.bpf and security.syscalls.intercept.bpf.prog.devices
• api: add container_syscall_intercept_bpf_devices extension
• lxd-client: add security.syscalls.intercept.bpf security.syscalls.intercept.bpf.devices to completion
• production-setup: mention bpf-specific memlock settings
• seccomp: check the return value of pwrite()
• syscall_numbers: add close_range()
• exec: switch to close_range() syscall
• process_utils: remove faulty license
• lxd/apparmor/dnsmasq: Add binary for nesting
• lxd/storage/drivers/ceph: Fix volume deletion
• lxd/instance/drivers/driver/qemu: Fix race in onStop getting operation
• lxd/db: Fix premature failure when listing cluster volumes
• lxd/db/storage_volumes: Add comments regarding behaviour
• doc/production-setup: Fix escaping
• doc/production-setup: Update introduction
• lxd: Fix automatic storage volume snapshots
• cluster: Don't upgrade nodes without raft role concurrently
• lxd/network/network/load: Moves fillAuto logic into per-driver fillConfig function
• lxd/network/utils: Moves fillAuto into bridge's fillConfig function
• lxd/network/network/utils: Adds randomHwaddr function
• lxd/patches: Adds patch to remove volatile.bridge.hwaddr network key
• lxd/network/bridge/driver: Removes volatile.bridge.hwaddr and adds stable MAC generation
• shared/usbid: Don't auto-load
• lxd/resources: Load USB database
• lxd/apparmor: Move dnsmasq functions
• lxd/apparmor: forkdns profile
• lxd/sys: Add unpriv uid/group
• lxd/instances: Update for OS type change
• shared/subprocess: s/Pid/PID/
• shared/subprocess: Add credentials
• lxd/network: forkdns and creds drop for forkdns
• lxd/network: Run dnsmasq as unpriv group
• lxd/device/device/common: Adds common contextual logger
• doc/networks: dns.search clarification
• lxd/network/driver/bridge: Validates bridge.external_interfaces using validate.Optional() helper
• shared/validate: Adds network IP range validators
• lxd/network/driver/bridge: Adds DHCP IP range validation
• shared/network/ip: Defines IPRange struct
• lxd/dnsmasq/dhcpalloc: Removes DHCPRange and switches to shared.IPRange
• lxd/network: Replaces dhcpalloc.DHCPRange with shared.IPRange
• lxd/storage: Fix delete of remote pools
• lxd/storage/ceph: Allow for small size variation
• seccomp: cap instruction limit and log buffer to reasonable sizes
• seccomp: initialize almost everything
• main_checkfeature: remove logging failed shiftfs mounts
• seccomp: log errors to convert unix connection to file
• unixfd: improve SCM_RIGHTs file descriptor retrieval
• seccomp: simplify the seccomp message retrieval
• api: Adds API extension network_type_ovn
• doc/server: Documents global OVN networking config keys
• lxd/cluster/config: Adds OVN networking global config keys
• lxd/network/network/utils: Updates isInUseByDevices to support ovn
• lxd/db/networks: Adds OVN network type
• lxd/network/network/load: Adds ovn network type to loader
• lxd/networks: Adds ovn network type
• lxd/device/device/load: Adds OVN nic type support
• lxd/device/nictype: Adds ovn support
• lxd/network/network/utils: Adds OVN instance device port helpers
• lxd/network/openvswitch/ovs: Adds InterfaceAssociateOVNSwitchPort
• lxd/network/openvswitch/ovs: Adds ChassisID function
• lxd/network/openvswitch/ovs: Adds OVN bridge mapping functions
• lxd/network/openvswitch/ovs: Adds BridgePortList function
• lxd/network/openvswitch/ovs: Adds OVNBridgeMappingDelete function
• lxd/network/openvswitch/ovn: Adds OVN command wrapper
• lxd/network/network/utils: Adds parseIPRange functions
• lxd/network/driver/bridge: Adds OVN ranges keys
• lxd/network/driver/ovn: Adds OVN network driver
• lxd/device/nic/ovn: Adds OVN nic type
• doc/networks: Adds initial OVN doc
• doc/networks: Add OVN range keys
• doc/networks: Fix key ordering
• bash: Update completion profile
• lxd/apparmor: Disable cgroup2 on legacy hosts
• lxc/manpage: Fix behavior in snap
• shared/subprocess: Add StartWithFiles
• lxd/forkproxy: Switch to using subprocess
• daemon: check namespace management support through pidfds
• nsexec: remove unused dosetns() function
• nsexec: add new change_namespace() helper
• forksyscall: use pidfds to attach to namespaces
• forknet: use pidfds to attach to namespaces
• forkmount: use pidfds to attach to namespaces
• forkproxy: use pidfds to attach to namespaces
• forkfile: use pidfds to attach to namespaces
• nsexec: remove unused setnsat()
• lxd/db/networks: Separates network type and status conversion into separate functions
• lxd/db/networks: Adds ClusterTx.GetNonPendingNetworks function
• lxd/db/networks: Adds ClusterTx.UpdateNetwork function
• lxd/network/driver/ovn: Use DB transactions to safely allocate OVN external IPs on parent network
• lxd/network/driver/ovn: Include last IP in OVN range for allocatable IPs
• lxd/db/networks: Populates network nodes in ClusterTx.GetNonPendingNetworks
• lxd/db/networks: Populate description col with empty string in CreatePendingNetwork
• shared/validate: Adds IsNetworkMTU function
• lxd/network/driver: validates mtu using IsNetworkMTU
• lxd/device/nic: Validates mtu using IsNetworkMTU
• lxd/network/network/utils: Removes OVN specific helper functions
• lxd/network/network/utils/ovn: Adds OVNInstanceDeviceMTU function
• lxd/network/openvwitch/ovn: Adds MTU support for DHCP and IPv6 RA
• lxd/network/driver/ovn: Adds bridge.mtu config option and passes to DHCP/RA setup
• lxd/device/nic/ovn: Use parent network's bridge.mtu setting for setting device MTU
• lxd/network/driver/common: Moves notifier for delete into common
• lxd/networks: Moves cluster notification and storage clean up for networkDelete into common
• shared/validate: Use consistent quoting for outputting input value when there is an error
• lxc: Bundle sortorder
• lxd/network/ovn: Use snap path
• doc/networks: Adds link to OVN network
• lxd/network/network/utils: Adds pingIP function
• lxd/network/driver/ovn: Pings OVN external IPv6 router IP on bridge port start
• lxd/network/openvswitch/dns: Adds LogicalSwitchPortSetDNS and LogicalSwitchPortDeleteDNS functions
• lxd/network/openvswitch/ovn: Updates LogicalSwitchDelete to clear any remaining DNS records
• lxd/network/network/utils/ovn: Updates OVNInstanceDevicePortAdd to take instanceName for DNS records
• lxd/network/driver/ovn: Updates instance port functions to setup and remove DNS records
• lxd/device/nic/ovn: Updates usage of network.OVNInstanceDevicePortAdd to supply instance name for DNS records
• lxd/storage/drivers/utils: Fixes shrinkFileSystem to detect e2fsck filesystem modifications
• lxd/db/instances: Ensure correct pool name is returned in GetInstancePool
• shared/cert: Fix on Windows
• lxc/console: Support remote-viewer on Windows
• lxc/export: Use HostPathFollow
• lxd/cluster: Re-try listening for a minute
• lxd/init: Don't fail on existing address
• lxd/storage/zfs: Fix bad transfer logic on block
• lxd/storage/zfs: Always discard mountpoint on recv
• lxd/db/projects: go imports order
• lxd/db/projects: Removes unnecessary whitespace
• lxd/db/cluster: Adds patch for adding project_id to networks table
• lxd/db/networks: Adds project support to CreatePendingNetwork
• lxd/db/networks: Adds project support to CreateNetwork
• lxd/networks: Pass project.Default when creating networks
• lxd/instance/test: Updates tests to use project.Default for new networks
• lxd/db/networks/test: Updates tests to use project.Default for new networks
• lxd/storage/zfs: Don't filter mountpoint on block
• lxd/db/instances: Removes instancePoolSnapshot function
• lxc/network: Fix usage
• i18n: Update translation templates
• lxd/apparmor/dnsmasq: drop dup rule, /snap/lxd/*/ includes /snap/lxd/current/
• lxd/apparmor/forkdns: drop dup rule, /snap/lxd/*/ includes /snap/lxd/current/
• lxd/instance: Always put snapshots on same pool as parent
• doc/security: Adds note about non-IP ethernet frame filtering to stop VLAN QinQ bypass
• lxd/db/cluster: Update tables to allow null value for node ID
• shared/util: Converts DefaultPort from string to int
• lxd/util/net: Updates CanonicalNetworkAddress to use net.JoinHostPort rather than manual fmt.Sprintf
• lxd/util/net: Adds CanonicalNetworkAddressFromAddressAndPort function
• lxd/device/device/utils/proxy: Use net.JoinHostPort rather than manual fmt.Sprintf
• lxd/main/init/interactive: Error wrapping
• lxd/main/init/interactive: Use canonical address after port has been added for comparison
• lxd/main/init/auto: util.CanonicalNetworkAddressFromAddressAndPort usage
• lxc/remote: shared.DefaultPort usage
• lxd-agent/main/agent: shared.DefaultPort usage
• lxd-p2c/utils: shared.DefaultPort usage
• lxd/vsock: shared.DefaultPort usage
• lxd/util/http: shared.DefaultPort usage
• lxd/main/init: shared.DefaultPort usage
• lxd/db: Handle null value for nodeID
• lxd/daemon: Make db aware of remote storage drivers
• lxd/daemon: Perform automatic snapshots on random node
• lxd/storage: Refuse BLOCK_AND_RSYNC with running instance
• lxd/apparmor: Simplify profile name generation
• lxd/device: Export Name and Config
• lxd/apparmor: Shrink instance interface
• lxd/apparmor/forkdns: Alignment
• lxd/apparmor/forkdns: Support LD_LIBRARY_PATH
• lxd/api/cluster: Makes ServerAddress field required for clusterPutJoin
• lxd/network/driver/ovn: Makes ping test in startParentPortBridge async
• lxd/init: Updates initDataNodeApply to use revert package and to revert itself on error
• lxd/cluster/connect: Adds UserAgentNotifier constant
• lxd/cluster/connect: Adds UserAgentJoiner constant
• lxd/cluster/connect: Adds ClientType type and UserAgentClientType function
• lxd/api: Updates isClusterNotification to use cluster.UserAgentNotifier
• lxd/api/cluster: clusterInitMember comments
• lxd/api/cluster: initDataNodeApply usage
• lxd/main/init: initDataNodeApply usage
• lxd/api/cluster: Updates clusterPutJoin to use cluster.UserAgentJoiner when sending requests to local node
• lxd/network/network/interfaces: Replaces clusterNotification bool with cluster.ClientType
• lxd/network/driver/common: cluster.ClientType usage
• lxd/network/driver: cluster.ClientType usage
• lxd/network/driver/ovn: cluster.ClientType usage
• lxd/networks: cluster.ClientType usage
• lxd/apparmor/dnsmasq: Add /proc/self/fd
• lxd/apparmor/forkdns: Allow reading/mapping the binary
• lxd/apparmor: Add forkproxy
• lxd/device/forkproxy: Add apparmor
• lxd/instance/instance/interface: Moves Project() function into ConfigReader interface
• lxd/instance/drivers/driver/common: Adds Project function
• lxd/instance/drivers/driver/lxc: Updates lxc to use common fields
• lxd/instance/drivers/driver/lxc: Removes driver specific Project function
• lxd/instance/drivers/driver/qemu: Removes driver specific Project function
• lxd/network/network/utils: Improves UpdateDNSMasqStatic error message
• lxd/daemon: db.StorageRemoteDriverNames usage
• lxd/db: StorageRemoteDriverNames usage
• lxd/db/storage/pools: Renames GetRemoteDrivers to StorageRemoteDriverNames for clarity
• lxd/storage/drivers/load: Cache supported drivers
• lxd/storage/drivers/load: Remove references to "support" in AllDriverNames
• lxd/apparmor/forkproxy: Fix running on i386
• lxd/storage/drivers/interface: Adds isRemote function
• lxd/storage/drivers/driver/common: Adds isRemote() function that returns false
• lxd/storage/drivers/driver: Updates driver's Info() function to call d.isRemote()
• lxd/storage/drivers/ceph: Implements isRemote function for ceph and cephfs
• lxd/storage/drivers/load: Removes SupportedDrivers caching and updates comment
• lxd/storage/drivers/load: Simplifies RemoteDriverNames to use the isRemote function
• lxd/daemon: storageDrivers.RemoteDriverNames usage simplifcation
• doc/networks: Rename OVN parent to network
• lxd/networks/ovn: Rename parent to network
• scripts/bash: Add network config key
• i18n: Update translations from weblate

試用環境 ¶

この新しい LXD リリースは私たちの デモサービス で利用できます。

ダウンロード ¶

このリリースの tarball は ダウンロードページ から取得できます。

ビルド済みバイナリーは次のように使えます:

• Linux: snap install lxd
• MacOS: brew install lxc
• Windows: choco install lxc

LXD 2.0.12 リリースのお知らせ ¶

14th of August 2020

はじめに ¶

LXD チームが LXD 2.0.12 のリリースをお知らせします!

このリリースは、2021 年 6 月までサポートされる LXD 2.0 に対する 12 個目のバグフィックスリリースです。

バグ修正と改良点 ¶

一番古い LTS リリースである LXD 2.0 は 2017 年 10 月以来リリースがありませんでした。

この 2.0 系の LTS ブランチはセキュリティフィックスのみが行われるモードに入っています。このリリースは 2.0.11 に入らなかった古いバグ修正のいくつかと、LXD のこのブランチをビルドできるようにするための修正のみを含んでいます。

この一部として、LXD の依存関係のいくつかが、古いバージョンの Go でビルドできなくなり、LXD 2.0.11 が Go 1.13, 1.14, 1.15 で実行でき、少なくとも 1.11 ではビルドできないことを確認しました。

重要な修正やセキュリティ上の修正はないため、古い Go のバージョンを必要とするディストリビューションは 2.0.11 を維持するべきです。

最後に、LXD 2.0 LTS をまだ使っているユーザーは、このブランチでは重要なセキュリティ上の問題のみが修正され、1 年以内にサポートが終了しますので、より新しいバージョンにアップグレードすることをおすすめします。2.0 LTS から直接 4.0 LTS へアップグレードすることがサポートされています。

コミットの全リストは次のとおりです（翻訳なし）:

• Fix file transfers to/from stdin/stdout in snap
• If running as root in the snap, use /proc/1/root
• Fix failure due to bind-mount through /proc
• all: move to bakery.v2
• Update the "lxc list" help to match stable-2.0
• tests: Don't use godeps for import check
• Make current gofmt happy
• Make current gofmt happy (stable-2.0 specific)
• liblxc: detect version at runtime
• Update for newer ZFS releases
• zfs: try pool import
• Revert most of the macaroon support in client
• client: Add GetOperationUUIDs and GetOperations
• lxd/logs: Don't allow removing lxc.conf or lxc.log
• shared/api: Add API extension label to AuthMethods
• Drop logging setup in Daemon.Init()
• Add helper to redirect the global logger to the testing logger
• Add a shared.KeyPairAndCA function to get coventionally named certs
• Add new debug sub-package with support for memory profiling
• Add lxd/task sub-package for running functions periodically
• Fix output of --print-goroutines-every
• Add cpu profiling and goroutines printing to the debug sub-package
• Move execPath global variable to sys.OS.ExecPath
• Move global aaAvailable global variable to sys.OS
• Move global aaStacking global variable to sys.OS
• Move global runningInUserns global variable to sys.OS
• Move global aaAdmin global variable to sys.OS
• Move global aaConfined global variable to sys.OS
• Move global cgBlkioController global variable to sys.OS
• Move global cgCpuController global variable to sys.OS
• Move remaining global cgXXX global variables to sys.OS
• Move directory initialization to sys.OS.
• Drop unnecessary checks on MockMode
• Vendor a copy of log15 in shared/log15
• Revert "Temporary workaround for log15 API breakage"
• Switch to the built-in log15
• Add a endpoints.Endpoints class for managing HTTP endpoints
• Wire endpoints.Endpoints into Daemon
• lxd/daemon: Fix unsetting https address
• Move optional Daemon config values to DaemonConfig
• Don't skip Daemon.Ready() in tests, it can be run unconditionally
• Wire debug utilities into main_daemon.go
• Track the lifecycle of the goroutine performing log expiration
• Streamline Daemon init and shutdownn
• Control all goroutines spawned in Daemon.Ready() using task.Task
• Don't use global path variables in sys.OS
• Switch to the built-in log15
• Return the initial schema version in Schema.Ensure()
• Add a Schema.Fresh() method to set a "bootstrap" SQL statement
• Complete moving schema creation logic to schema.Schema
• Rename Daemon.db to Daemon.nodeDB
• Convert a few call sites of sql.DB.Begin to db.DB.Begin
• Rename State.DB to State.NodeDB
• Convert remaining call sites of the low-level db.Begin function
• Rename db.QueryScan to db.queryScan, making it unexported
• Remove direct use of the low-level db.Exec() func outside of lxd/db/
• Rename db.Exec to db.exec, making it unexported
• Move certificate db APIs to the db.Node facade
• Move container db APIs to the db.Node facade
• zfs: Fix slowdown because of mountpoint check
• tests: Deal with missing ttyS0/ttyS1 (on s390x)
• Move profile db APIs to the db.Node facade
• Move patches db APIs to the db.Node facade
• Move image db APIs to the db.Node facade
• Move devices db APIs to the db.Node facade
• Drop all references to Daemon.nodeDB
• Use instance-level cache dir variable instead of the environment one
• Use instance-level log dir variable instead of the environment one
• Use instance-level var dir variable instead of the environment one
• Add initial Go-level daemon integration-like test
• Add lxd/config sub-package implementing structured config maps
• Rename db_test.go to db_internal_test.go, since it's white box
• Add db.NewTestNode helper for database-related unit tests
• Add a db.NodeTx structure to abstract away low-level transactions
• Add low-level query helpers for changing config tables
• Add db APIs for fetching and changing node-local config values
• Add node.Config high-level API for modifying node-level config
• Cleanup test state at every test, to improve isolation.
• Move node-level schema updates to their own db/local/ sub-package.
• Add Schema.ExerciseUpdate() for testing a individual update
• Fix spurious tx.Exec argument in lxd/db/schema/query.go
• Extract the APIExtensions list from api10Get
• Add error messages to lxdTestSuite setup and teardown
• Add query.Count utility
• Switch to the built-in log15
• Setup mock storage driver
• Extract initialization of the REST and /dev/lxd http Server
• Add support for gracefully aborting schema.Ensure
• Drop the containerLXC.OS() convenience
• Rename container.StateObject() to container.DaemonObject()
• Drop the storageShared.OS() convenience
• Move util.AppArmorCanStack to a private appArmorCanStack in lxd/sys
• Drop trailing slash from cgroup paths definitions
• Drop pointless comments about function calls being no-op
• Rename variable "code" to "kind" for consistency
• Drop logging message when retrying to listen to a network port
• Fixed typos in the task sub-package
• Fix docstring in shared.KeyPairAndCA
• Drop unused import in lxd/db/certificates.go
• Rename Cert to Certificate in API names of lxd/db/certificates.go
• Fix import formatting in lxd/db/patches.go
• Split version declarations in shared/version into several files
• shared/logging: Add freebsd build conditional to log_posix.go
• Switch to the built-in log15
• Gracefully cancel tasks on daemon shutdown
• Fixed wording in comment
• Tweak schedule function for pruning images
• Expose task.Task instead of returning an integer handle
• client: Name all the return values in interfaces
• Fix some typos
• Fix some typos
• tests: Check for typos
• tests: Add test for unused variables
• api: add console structs
• client: add client API ConsoleContainer()
• container_lxc: add lxcParseRawLXC()
• client: add client API GetContainerConsoleLog()
• client: add client API DeleteContainerConsoleLog()
• container_exec: check for OpenPty() error
• client: add "ConsoleDisconnect" argument
• shared/idmap: Fix handling of hardlinks
• lxd/containers: Skip sockets in tarballs
• lxd/dameon: Add LXD_EXEC_PATH to override execPath
• Fix a number of unchecked variables
• lxd/containers: Only init the config if needed
• lxc/file: Log downloads/uploads
• lxd/init: Re-add missing ZFS pool name question
• lxd/init: Fix bad handling of dir backend
• Added documentation about shell env to lxc exec
• lxd-benchmark: Change the default count of containers from 100 to 1
• shared/util: add EscapePathFstab()
• devlxd: Properly lock the internal struct
• migrate.proto: silence protobuf compiler warning
• migrate: older than lxc 2.0.4 will fail
• Makefile: Better detect sqlite3.h
• client: URL escape all user input
• devlxd: Cleanup in preparation for events
• lxd/certificates: Add missing name value
• Makefile: Don't hardcode gcc
• container_lxc: actually return an error
• i18n: Update translation templates
• travis: Bump Go versions
• shared/utils: deal with symlinks
• travis: Limit to just Go 1.9
• Update LVM documentation
• zfs: fix argument order of zfs get commands.
• network: fix insertNetworkDevice()
• container_lxc: escape paths fstab style
• migrate: prepare for pre-copy migration
• Fixed typo in comment about SubCommands in lxd/main.go KishanRPatel katiewasnothere dinopanda jialin-li kianaalcala
• lxd/containers: Fix race condition in shutdown
• lxd/containers: Log auto-start errors
• lxc/exec: Fix typo
• lxd/containers: Fix tc egress rules
• lxd/events: Cleanup event listener setup
• Update issue template
• doc: Add /images//secret to API list
• lxd/containers: No slahses in snapshot names
• lxd/init: Strip leading and trailing spaces
• change “your first time using LXD” to something less confusing
• doc/README: Update source build instructions
• doc/containers: Document CPU limits
• i18n: Update translation template
• scripts/vagrant: The LXD PPA is gone
• allow arbitrary users to read idmaps
• drop \n from IdmapSet's ToLxcString
• lxd/containers: Fix container shutdown on exit
• lxd/main: Don't mention --preseed on 2.0
• i18n: Fix bad japanese translation
• fix parsing for container name tab-completion
• lxc/file: Fix edit in a snap environment
• shared/idmap:DefaultIdmapSet(): take a user argument
• *: move download function to shared
• shared/hostpath: Also check SNAP_NAME
• shared/hostpath: Properly handle prefix check
• termios: Workaround vet on go tip
• test: fix shellcheck complaints
• lxd,shared: move archive functions to shared
• containers: Default to pids cgroup for fork bomb mitigation
• tests: Check for mixed tabs/spaces and trailing whitespaces
• tests: Fix mixed tabs/spaces
• api: Include message format for events
• events: Use api message type
• api: Add NetworkLease struct
• client: Add network leases handling
• lxc: Properly handle the --version flag
• lxd-benchmark: Fix new go vet warnings
• lxc: Make the / syntax work
• i18n: Update translation templates
• Make the test suite use lxc.apparmor.profile instead of lxc.aa_profile
• Check for LXC version to decide which apparmor profile config key to use
• setup-lvm: Fix pyflakes warnings
• shared/cancel: Properly lock map
• shared/cancel: Make the cancel code golint clean
• lxd: Rework listening logic
• lxd-benchmark: Fix golint
• lxd/types: Make golint clean
• client: Check API extension for storage
• client: Check API extension for network
• shared/api: add local storage volume {copy,move}
• client: add {Copy,Move}StoragePoolVolume()
• api: Add description field on operation
• shared/eagain: Make our EAGAIN code a new package
• lxd/netcat: Port to using shared/eagain
• lxd/daemon: Cleanup startup code a bit
• tests: Wait up to 20s for image to expire
• tests: Consistency
• fuidshift: Drop specific Makefile
• shared/version: Include storage backends in agent
• lxc: Fix golint
• lxd/util: Fix golint
• tests: Update list of golint clean packages
• i18n: Look at all lxc files
• lxc: Introduce a new utils package
• lxd: Move migration code to own package
• shared: Remove dead code
• lxd: Restrict pongo2 file functions
• tests: Fix recent Go test breakages
• lxc/utils: Sync stringList with master
• scripts/bash: tweak complete line for snaps
• Add some missing "Return:" headings to make sample return values formatting right
• container_lxc: keep full capability set
• Fix version parsing of LXC betas
• Ignore io.EOF errors when performing PUT /internal/shutdown
• lxd/shutdown: Fix error string check
• lxd/shutdown: Fix typo in error handling
• lxd/init: Prevent non-root execution
• lxd/init: Don't fail test when non-root
• memory: fix format string
• db: Fix bad format string
• client: Remove debug statements
• db: Fix more format issues
• lxd/migration: Update protocol
• i18n: Update message catalogs and Japanese translation
• shared/api: Don't re-define fields
• doc: add the appropriate titles to some documents
• lxc: Fix manpage subcommand
• shared/idmap: Workaround Go tip change
• lxc: Remove dead code
• Manually release the liblxc structs
• lxd/containers: Adapt to go-lxc Release
• tests: Bump LV size to 50MB
• lxd/util: Fix formatting
• tests: Tweak fdleak test
• lxd/util: Add missing import
• travis: Sync with current
• Release LXD 2.0.12

試用環境 ¶

この新しい LXD リリースは私たちの デモサービス で利用できます。

ダウンロード ¶

このリリースの tarball は ダウンロードページ から取得できます。

ビルド済みバイナリーは次のように使えます:

• Linux: snap install lxd
• MacOS: brew install lxc
• Windows: choco install lxc

LXD 4.0.3 リリースのお知らせ¶

12th of August 2020

Introduction¶

LXD チームが LXD 4.0.3 のリリースをお知らせします!

このリリースは、2025 年 6 月までサポートされる LXD 4.0 に対する 3 つめのバグフィックスリリースです。

バグ修正と改良 ¶

このリリースには、開発ブランチからの数カ月分のバグフィックスと細かな改善が含まれています。

このリリースでは、VGA コンソール（LXD API 内の SPICE）とプロジェクトのディスク制限が含まれており、少し拡張された「マイナーな改良」となっています。4.0 リリースの主要な機能のいくつかのギャップを埋めるには、これが重要で（そして簡単だ）と思ったのです。

これらの機能は、データベーススキーマの更新を必要とせず、ダウングレードを防止したり、ディスク上の構造を変更したりすることもありませんので、変更を行うことは安全で重要であると感じました。

主な変更点は次のとおりです:

• lxc launch に新たに --console フラグが追加されました
• 仮想マシン内の /dev/lxd API のサポート
• /1.0/resources API 内で GPU 媒介（mediated）デバイスのサポート
• 仮想マシンに対する VGA コンソールのサポートの追加。クライアントで --console=vga（lxc launchもしくはlxc start）や --type=vga（lxc console）を指定します
• dnsmasq と forkdns に対する自動的な AppArmor プロファイルの生成
• プロジェクトに対するディスク制限（limits.disk設定オプション）

コミットの全リストは次のとおりです（翻訳なし）:

• lxd/storage: Better handle broken volumes
• client: Handle unknown image sizes
• lxd/response: Stream multi-part responses
• lxd/device/disk: Fixes cloud-init errors for VMs
• lxc/action: Show usage on missing target
• lxd/storage: Rely on UsedBy for deletion error
• lxd/instances/qemu: Use images dir during compression
• lxd/storage/drivers: Rename fs to filesystem
• shared/api: Add ContentType to storage volume structs
• client: Support custom block volumes
• lxd/util: Detect hugetlbfs mount point
• lxd/cluster: Always check for dqlite protocol version mismatches
• lxd/cluster: Don't run unncessary HEAD probe upon dqlite connections
• forksyscall: use nsids for shiftfs syscall intercepts
• lxd/db: Drop ClusterRoleDatabase records from the database
• lxd/cluster: Fetch database role information directly from raft
• lxd/storage: Fix regression in truncate handling
• lxd/cluster: Only look up raft_nodes for resolving the address of node 1
• lxd/cluster: Leverage RolesChanges.Handover() to choose handover target
• lxd: Increase timeout of go unit tests when ran from Emacs
• lxd/cluster: Skip unncessary loading of nodes from database in Rebalance()
• lxd/cluster: Leverage RolesChanges.Adjust() to choose rebalance target
• lxd/cluster: Increase time budget of client.Assign() when assigning voter role
• lxd/cluster: When demoting to Spare only transition to StandBy if Voter
• lxd/project: Add more name checks
• doc/server: Cover listen + authentication
• lxd/qemu: Don't do file lock on custom volumes
• shared/api: Add FailureDomain field to ClusterMemberPut
• client: Check clustering_failure_domains extension when updating a member
• instance: update terminology I
• lxd/network: Validate ipv4/ipv6 routes
• lxd/proxy: Fix govet
• lxd/rsync: Add AtLeast
• lxd/rsync: Filter out security.selinux
• lxd-p2c: Filter out security.selinux
• lxc-to-lxd: Filter out security.selinux
• lxc/launch: Add --console
• instance: introduce container_syscall_filtering_allow_deny extension
• tests: remove trailing comma
• lxd/instance/drivers: Provide instance-data file
• lxd-agent: Support /dev/lxd
• lxd/instance/drivers: Allow updating running VMs
• tests: Fix bad ipv6.routes value
• lxc/instance/drivers/qemu: Support ephemeral VMs
• lxd/qemu: Use memory backend ram/file
• lxc/image: Fix dir handling on snap
• lxd/qemu: Fix crash on non-pinned VM
• lxc/image: Fix more dir handling on snap
• terminals: update terminology again
• doc/instances: Improves proxy docs
• lxc/main_alias: Handle leading arguments
• lxd/storage: Fix block volume migration
• lxd/rbac: Always allow internal cluster traffic
• units: handle multiplication integer overflow
• lxd/rsync: Untangle from daemon package
• lxd/qemu: Don't use file.locking with rbd
• lxd/storage/zfs: Use autotrim when available
• lxd: Add clustering_fix_raft_address_zero patch to fix node with "0" as address
• Revert "lxd/storage: Fix block volume migration"
• lxd/resources: Use udev model data if available
• Decode error
• doc/api-extensions: Fix escaping
• share/api: Add GPU mdev
• lxd/resources: Add GPU mdev
• api: Add GPU mdev
• lxd/qemu: Fix unbound hugepages
• lxd/qemu: Properly connect memory
• api: console_vga_type
• doc/rest-api: Add type field to console
• shared/api: Add Type field to InstanceConsolePost
• lxd/instance: Add protocol argument to Instance.Console()
• lxd/instance/drivers: Support VGA output in qemu.Console()
• lxd: Handle "vga" type in console API handler
• client: Add ConsoleInstanceDynamic() to support multiple websocket connections
• lxc: Add --type flag to "lxc console"
• i18n: Update translation templates
• lxc/console: Missing error handling
• lxc/console: Prefer remote-viewer
• lxc: Populate cmdConsole.flagType also when ran manually
• lxc/console: Short argument for type
• lxc: Allow using --console=TYPE
• lxd/images: Rename imgPostContInfo to imgPostInstanceInfo
• lxd/instances: Return and set image properties
• lxd/qemu: Add support for spice agent
• lxc/console: Disconnect on shutdown
• lxd/db: Drive-by removal of leftover fmt.Printf's
• lxd/main_daemon: s/containers/instances/
• lxd: s/containersShutdown/instancesShutdown/
• lxd: Add context to daemon
• lxd/operations: Add db operation type to Operation
• lxd: Add waitForOperations()
• lxd: Shut down gracefully
• lxd/operations/operations: Fix hanging cancelation
• lxd/instance_post: Pass cancel function to websocket operation
• client/lxd_instances: Cancel websocket op if needed
• lxd/daemon: Return 503 when shutting down
• doc/api-extensions: Fix over-escaping
• lxd: Add --force flag to lxd shutdown
• shared/instance: Move network validation functions to shared
• lxd/db/networks: Adds internal network type constants
• lxd/db/networks: Updates CreateNetwork to accept a network type
• lxd/db/networks: Updates CreatePendingNetwork to accept a network type
• lxd/network/network/interface: Adds network interface
• lxd/network/network/load: LoadByName to use Network interface, add Validate
• lxd/network/errors: Adds error constants
• lxd/network/network/utils: Moved validation functions from main package
• lxd/network/driver/common: Adds common driver
• lxd/network/driver/bridge: Renames network to driver_bridge
• lxd/networks/utils: Remove unused network validation functions in main
• lxd/device/device/utils/network: Removes unused validation functions
• lxd/device/device/utils/proxy: shared.IsNetworkAddress usage
• lxd/device/nic: shared validation function usage
• lxd/device/nic/bridged: Support Network interface
• lxd/device/nic/ipvlan: shared validation function usage
• lxd/device/nic/routed: shared validation function usage
• lxd/main/init/interactive: Uses network name validation from network package
• lxd/networks: ValidNetworkName usage in networkPost
• lxd/networks: Updates doNetworkUpdate to use network package validation
• lxd/networks: Updates networksPost to support network type
• lxd/networks: Remove use of network.IsRunning in networkShutdown
• lxd/networks/config: Removed
• lxd/networks/utils: Updates usage of n.RefreshForkdnsServerAddresses to generic n.HandleHearbeat
• lxd: Updates network tests to pass netType
• lxd/network/network/utils: Unexports usesIPv4Firewall and usesIPv6Firewall
• lxd/network/driver/bridge: usesIPv4Firewall and usesIPv6Firewall usage
• lxd/apparmor: Use templating
• lxd/apparmor: Use proper version parsing
• lxd/network/driver/common: Adds config diff and db update common functions
• lxd/network/driver/common: Adds contextual logger
• lxd/network/driver/common: Removes stuttering on "common" in validation rules function
• lxd/network/driver/bridge: Updates to use contextual logger
• lxd/network/driver/bridge: Simplifies Update function to use common update functions
• lxc/networks: Renames notify to clusterNotification in doNetworkUpdate
• lxd/network/network/interface: Clarifies Update arguments
• lxd/network/network/interface: Renames Delete withDatabase arg to clusterNotification
• lxd/network/driver/common: Adds common delete function
• lxd/networks: Cleans up networksPost to use clusterNotification argument correctly
• lxd/networks: Log quoting in networksPostCluster
• lxd/networks: Cleans up doNetworksCreate to use clusterNotification argument
• lxd/network/driver/bridge: Updates Delete to use common delete function
• lxd/network/driver/bridge: Adds logging to Update
• lxd/networks: Removes bridge specific logic in doNetworkUpdate
• lxd/network/driver/bridge: Adds fan auto detection logic to Update
• lxd/network/driver/common: Adds rename common function
• lxd/network/driver/bridge: Updates Rename to use common rename function
• lxd/networks: networkPost logging quoting
• lxc/network/driver/bridge: isRunning comment
• lxd/network/driver/bridge: Unexports hasIPv4Firewall and hasIPv6Firewall
• lxd/networks: Detect unknown network type in networksPost, dont assume bridge
• lxd/networks: comment fix in networksPostCluster
• lxd/networks: Allow for different managed network types in doNetworkGet
• lxd/network/network/interface: Adds fillConfig to interface
• lxd/network/driver/common: Adds default fillConfig function
• lxd/network/driver/common: Adds default HandleHeartbeat function
• lxd/network/network/load: Adds per-driver FillConfig wrapper
• lxd/network/network/utils: Removes generic FillConfig
• lxd/network/driver/bridge: fillConfig implementation
• lxd/network/driver/bridge: Exposes error message from ValidNetworkName in Validate
• shared/version: Add projects_limits_disk extension
• doc: Document limits.disk project configuration key
• lxd: Add "limits.disk" to supported project config keys
• lxd/project: Check that root disk sizes are within limits.disk
• lxd/project: Add projectInfo struct to hold together project's extra info
• lxd/db: Add GetCustomVolumesInProject() to fetch custom volumes in a project
• lxd/project: Fetch the project's custom volumes
• lxd/project: Consider custom volumes sizes in checkAggregateLimits
• lxd/project: Add AllowVolumeCreation() to check limits upon volume creation
• lxd: Call project.AllowVolumeCreation() before creating custom volumes
• lxd/project: Add AllowVolumeUpdate() to check custom volumes config updates
• lxd: Call project.AllowVolumeUpdate() before modifying a custom volume
• shared: Add QuotaWriter
• lxd/project: Add GetImageSpaceBudget() returning image disk space budget
• lxd: Possibly limit the disk space that can be used by POST /1.0/images
• lxd: Check available project budget when publishing an instance as image
• lxd/project: Fill missing fields when checking instance creation
• lxd/project: Skip checks when unsetting limits
• lxd: Honor project disk budget when downloading images
• test: Add tests for the "limits.disk" project config key
• lxd/sys: Create apparmor/seccomp paths
• lxd/apparmor: Split and rename instance functions
• lxd/resources/storage: Use ID_MODEL_ENC when possible
• shared: Add InSnap
• shared/subprocess: Add AppArmor support
• lxd/apparmor: Rename template
• lxd/apparmor: Add dnsmasq profile
• lxd/networks: Use AppArmor when available
• tests: Delete leftover storage volume
• lxd/operations/operations: Renames Operations to Clone
• lxd-agent/operations: operations.Clone() usage
• lxd: operations.Clone() usage
• Drop from .travis.yaml Go versions we don't support anymore
• shared/api/network: Adds network status constants
• lxd/networks: API constant usage in networkDelete
• lxd/network/network/load: Adds status
• lxd/network/network/interface: Adds status function
• lxd/network/driver/common: Adds status field and function
• lxd/network/driver/bridge: Don't allow starting a pending network
• lxd/device/nic/bridged: Usage of d.state.Cluster.GetNetworkInAnyState in rebuildDnsmasqEntry
• lxd/api/cluster: Usage of api.NetworkStatusPending
• lxd/db/networks: Usage of api package's NetworkStatus constants in getNetwork
• lxd/db/networks: Removes unused GetNetwork
• lxd/db/networks: GetNonPendingNetworks comment
• lxd/db/networks: Allow pending nodes to be added to errored networks in CreatePendingNetwork
• lxd/db/networks: CreatePendingNetwork comments and line spacing
• lxd/networks/utils: Skip network load error in networkUpdateForkdnsServersTask
• lxd/device/nic/bridged: Validates network is type bridge
• lxc/device/nic/bridged: Only allow using non-Pending networks
• lxd/networks: Various comment and error quoting consistency fixes
• lxd/networks: Validate network name earlier in networksPost
• lxc/networks: Validate config in doNetworksCreate
• lxd/db/networks: Ensure that network type matches existing pending network in CreatePendingNetwork
• lxd/db/networks: Remove errored state on successful update in UpdateNetwork
• lxd/network/driver/bridge: Adds targetNode arg to Update
• lxd/network/network/interface: Adds targetNode arg to Update
• lxd/network/driver/common: Tweaks to update function in cluster environment
• lxd/networks: networksPost error response tweaks
• lxd/networks: Updates networksPostCluster
• lxd/networks: Unifies networkPut and networkPatch
• lxd/device/nictype: Adds small package to resolve NIC device nictype from network
• lxd/device/config/devices: Removes NICType
• lxd/device/config/devices: Improves comment on Update
• lxd/device/device/load: Removes devTypes map and updates load to use NICType function
• lxd/device: Removes device load helpers
• lxd/device/device/utils/network: nictype.NICType usage
• lxd/device/nic/bridged: Updates usage of functions whos signatures changed due to NICType
• lxd/device/nic/p2p: Updates usage of functions that changed signature due to NICType
• lxd/device/proxy: nictype.NICType usage
• lxd/instance/drivers/driver/lxc: nictype.NICType usage
• lxd/instance/drivers/driver/qemu: nictype.NICType usage
• lxd/network/driver/bridge: Usage of functions that changed signature due to NICType
• lxd/network/driver/common: Updates IsUsed for NICType signature changes and checks for profile usage
• lxd/network/network/interface: Signature change of IsUsed to accomodate NICType
• lxd/network/network/utils: Usage of nictype.NICType and signature changes to accomodate it
• lxd/networks: nictype.NICType usage and comment improvements
• lxd/networks: Comment ending consistency
• test: Updates tests to delete profiles before networks
• lxd/networks: Remove database record on error in networksPost
• test: sriov NIC comment ending consistency
• doc/networks: Re-arranges network docs to support different types
• doc/networks: Fixes typo
• lxd/network/openvswitch/ovs: Adds OVS wrapper
• lxd/network/driver/bridge: ovs usage
• lxd/network/network/utils: ovs usage
• lxd/networks: ovs.BridgeExists usage
• tree-wide: add dummy include package for cgo
• doc/images: Cover the various image servers
• doc: Typo fix
• lxd/networks: Fixes bug in doNetworkUpdate that prevents removal of non-node specific keys
• lxd/network/driver/bridge: Consistent comment ending in setup()
• lxd/network/network/interface: fillConfig signature
• lxd/network/driver/common: Updates fillConfig signature
• lxd/network/driver/bridge: Updates fillConfig signature
• lxd/network/network/load: Updates FillConfig to use new signature
• lxd/network/driver/bridge: Fixes Update to regenerate default values if missing
• test/suites/container/devices/nic/bridged: Fixes DHCP disable by setting IP address none
• lxd/network/driver/bridge: Dont fail start if cannot restore third party route
• lxd/migrate: Fix crash in sendControl when no active connection
• lxd/operations: Fix typo
• lxc/export: Plug in cancelable wait
• i18n: Update translation templates
• lxd/devices/device/utils/network: Removes networkValidMAC
• shared/instance: Adds IsNetworkMAC for use in network and device packages
• lxd/device/nic: shared.IsNetworkMAC usage
• lxd/network/driver/bridge: Adds volatile.bridge.hwaddr key
• shared/validate: Adds validate helper package
• lxd: Updates use of validate helper functions now in validate package
• shared: Removes validate helper functions
• lxd/device/device/utils/infiniband: Changes infinibandValidMAC to use net.ParseMAC
• lxd/device/device/utils/infiniband/test: Changes test name for linter
• lxd/networks: Allow update/removal of node-specific key in non-clustered mode
• lxd/network/driver/bridge: Adds safety check for volatile MAC address usage
• lxd/device: fix empty error message when tc fails
• test: Wait for operations to be removed from the database
• shared/validate: Adds Optional() validate wrapper
• shared/validate: Makes IsInt64 non-optional
• lxd/network/driver/bridge: Add validate.Optional() wrapper for validate.IsInt64 usage
• lxd/storage/utils: Adds validate.Optional() wrapper for validate.IsInt64 usage
• shared/instance: Adds validate.Optional() wrapper for validate.IsInt64 usage
• lxd/device/device/utils/network: Removes networkValidVLAN
• shared/validate: Adds IsNetworkVLAN
• lxd/device/nic: validate.IsNetworkVLAN usage
• seccomp: switch from individual pread() to process_vm_readv()
• seccomp: fix i386 builds
• seccomp: ensure that target process is still valid
• client: Move proxyMigration
• lxd: Port remaining calls to instance
• lxd/network/driver/common: Adds Create function no-op
• lxd/network/network/interface: Adds Create function
• lxd/networks: Adds call to network Create in doNetworksCreate
• lxd/device/device/utils/network: Adds networkDHCPValidIP
• lxd/device/nic/bridged: Removes networkDHCPValidIP
• lxd/device/device/utils/networks: Splits networkSetupHostVethDevice into multiple functions
• lxd/device/nic/bridged: networkVethFillFromVolatile usage and other host-veth functions
• lxd/device/nic/p2p: networkVethFillFromVolatile usage and other host-veth helper functions
• lxd/device/nic/routed: networkVethFillFromVolatile usage and other host-veth helper functions
• lxd/network/network/utils: Updates isInUseByDevices to support networks that don't match their physical parent
• lxd/device: Add missing sriov type
• lxc/move: Allow --target with cluster destination
• i18n: Update translation templates
• lxd/networks: Validate network config before starting networks on startup
• lxd/network/driver/common: Call init() in update() to consistency apply new internal state
• lxd/device/device/utils/network: Removes networkDHCPValidIP
• lxd/dnsmasq/dhcpalloc: Adds static DHCP allocation package for dnsmasq
• lxd/dnsmasq: Renames DHCPStaticIPs to DHCPStaticAllocation
• lxd/dnsmasq: Renames DHCPAllocatedIPs to DHCPAllAllocations
• lxd/network/network/utils: Removes GetIP
• lxd/network/network/utils: dhcpalloc.GetIP usage
• lxd/network/network/utils: dnsmasq.DHCPStaticAllocation usage
• lxd/network/network/interface: Changes of functions to accomodate dhcpalloc package
• lxd/network/driver/common: Implements default no-op function for non-dhcp enabled networks
• lxd/network/driver/common: dhcpalloc.DHCPRange usage
• lxd/network/driver/bridge: dhcpalloc package function usage
• lxd/network/driver/bridge: DHCPv4Subnet and DHCPv6Subnet implementations
• lxd/device/nic/bridged: Comment correction
• lxd/device/nic/bridged: n.DHCPv4Subnet and n.DHCPv6Subnet usage
• lxd/device/nic/bridged: dnsmasq.DHCPStaticAllocation usage
• lxd/device/nic/bridged: dhcpalloc.DHCPValidIP usage
• lxd/device/nic/bridged: Switches static DHCP allocation for IP filtering to dnsmasq/dhcpalloc
• lxd/main_activateifneeded: Clarify 'No DB' debug statements
• doc: s/container/instance/g
• doc/backup: Add note about the snap mntns
• lxd/apparmor: Don't fail on missing apparmor
• shared/validate: Makes IsUint32 non-optional
• lxd: Wraps validate.IsUint32 in validate.Optional
• shared/instance: Wraps validate.IsUint32 in validate.Optional
• shared/validate: Makes IsUint8 non-optional
• lxd/network/driver/bridge: Wraps validate.IsUint8 in validate.Optional
• shared/validate: Makes IsPriority non-optional
• shared/instance: Wraps validate.IsPriority in validate.Optional
• shared/validate: Makes IsBool non-optional
• lxd: Wraps validate.IsBool in validate.Optional
• shared/instance: Wraps validate.IsBool in validate.Optional
• shared/validate: Makes IsSize non-optional
• lxd: Wraps validate.IsSize in validate.Optional
• shared/instance: Wraps validate.IsSize in validate.Optional
• shared/validate: Makes IsNetworkAddress non-optional
• lxd: Wraps validate.IsNetworkAddress in validate.Optional
• shared/validate: Makes IsNetworkV4 non-optional
• lxd/network/driver/bridge: Wraps validate.IsNetworkV4 in shared.Optional
• shared/validate: Makes IsNetworkAddressV4 non-optional
• lxd/device/nic: Wraps validate.IsNetworkAddressV4 in validate.Optional
• lxd/network/driver/bridge: Wraps validate.IsNetworkAddressV4 in validate.Optional
• shared/validate: Makes IsNetworkAddressCIDRV4 non-optional
• lxd: Wraps validate.IsNetworkAddressCIDRV4 in validate.Optional
• shared/validate: Makes IsDeviceID non-optional
• lxd/device: Wraps validate.IsDeviceID in validate.Optional
• shared/validate: Makes IsNetworkV6 non-optional
• shared/validate: Makes IsNetworkAddressCIDRV6 non-optional
• lxd: Wraps validate.IsNetworkAddressCIDRV6 in validate.Optional
• shared/validate: Makes IsNetworkAddressV6 non-optional
• lxd: Wraps validate.IsNetworkAddressV6 in validate.Optional
• lxd/device/nic/routed: Wraps validate.IsNetworkAddressV4List in validate.Optional
• lxd: Wraps validate.IsNetworkV4List and validate.IsNetworkV6List in validate.Optional
• shared/validate: Tweaks IsNetworkVLAN error message ordering
• shared/validate: comment spacing
• daemon: check whether shiftfs is useable
• lxd/network/network/utils: Renames ValidNetworkName to validInterfaceName
• lxd/network/network/utils: Adds validVirtualNetworkName
• lxd/network/network/interfaces: Adds ValidateName
• lxd/network/driver/bridge: Implements ValidateName
• lxd/network/network/load: Adds ValidateName helper function
• lxd/main/init/interactive: Switches to network.ValidateName for bridge validation
• lxd/networks: Switches to network.ValidateName
• lxd/storage/utils: Simplifies error message from ValidName
• lxd/cluster/config: Fix import ordering of external package
• lxd/network/openvswitch: Name functions consistently using ObjectAction format
• lxd/network/driver/bridge: OVS function naming usage
• lxd/network/network/utils: OVS function naming usage
• lxd/network/network/interface: Adds ID() function
• lxd/network/driver/common: Implements ID() function
• lxd/resources: Fix total memory for per NUMA node
• lxd/rsync: Don't pass --bwlimit when no limits set
• client/operations: Fixes race conditions
• lxd/operations: Fixes race conditions
• client: More races fixed
• Makefile: Adds race target for enabling race detector
• Makefile: Correctly builds lxd-p2c and lxd-agent in debug and nocache targets
• client/operations: Race fix
• lxd/db: Adds mutex to fix races
• lxd/operations: Fixes races
• shared/validate: Adds IsURLSegmentSafe function
• lxd/network/driver/common: Adds common ValidateName function
• lxd/network/driver/bridge: Changes ValidateName to use common validation too
• lxd/network/network/load: Adds field name context to name validation errors
• lxd/network/network/utils: Removes validVirtualNetworkName
• lxd/networks: Returns network context on network startup failure
• shared/validate: Adds Required() and makes Optional() accept multiple validators
• test/suites/storage: LVM size tweaks
• lxd: enable safe native container terminal allocation
• exec: fix OpenPtyInDevpts()
• lxd/instance/drivers/driver/lxc: Adds nil check in getLxcState
• lxd/storage/locking: Moves package to lxd/locking
• lxd/locking: Renames variables to make them generic
• lxd/storage/drivers/utils: Adds OperationLockName function
• lxd/storage: locking.Lock usage with OperationLockName wrapper
• lxd/network/driver/bridge: Don't allow stable volatile MAC with fan network
• lxd/network/driver/bridge: Don't allow hwaddr to be set in fan mode
• seccomp: update comment about blocking the new mount api
• syscall_numbers: fix pidfd_open() definition
• lxd_seccomp: add SECCOMP_IOCTL_NOTIF_ADDFD definitions and types
• checkfeature: check for seccomp notify fd injection feature
• syscall_numbers: add pidfd_getfd()
• syscall_numbers: add bpf()
• seccomp: report helpful errors when determining support for features
• seccomp: handle liblxc sending the notify fd as part of the seccomp message
• syscall_numbers: add close_range()
• exec: switch to close_range() syscall
• process_utils: remove faulty license
• lxd/apparmor/dnsmasq: Add binary for nesting
• lxd/storage/drivers/ceph: Fix volume deletion
• lxd/instance/drivers/driver/qemu: Fix race in onStop getting operation
• lxd/db: Fix premature failure when listing cluster volumes
• lxd/db/storage_volumes: Add comments regarding behaviour
• doc/production-setup: Fix escaping
• doc/production-setup: Update introduction
• lxd: Fix automatic storage volume snapshots
• cluster: Don't upgrade nodes without raft role concurrently
• lxd/network/network/load: Moves fillAuto logic into per-driver fillConfig function
• lxd/network/utils: Moves fillAuto into bridge's fillConfig function
• lxd/network/network/utils: Adds randomHwaddr function
• lxd/patches: Adds patch to remove volatile.bridge.hwaddr network key
• lxd/network/bridge/driver: Removes volatile.bridge.hwaddr and adds stable MAC generation
• shared/usbid: Don't auto-load
• lxd/resources: Load USB database
• lxd/apparmor: Move dnsmasq functions
• lxd/apparmor: forkdns profile
• lxd/sys: Add unpriv uid/group
• lxd/instances: Update for OS type change
• shared/subprocess: s/Pid/PID/
• shared/subprocess: Add credentials
• lxd/network: forkdns and creds drop for forkdns
• lxd/network: Run dnsmasq as unpriv group
• lxd/device/device/common: Adds common contextual logger
• lxd/network/driver/bridge: Validates bridge.external_interfaces using validate.Optional() helper
• shared/validate: Adds network IP range validators
• lxd/network/driver/bridge: Adds DHCP IP range validation
• shared/network/ip: Defines IPRange struct
• lxd/dnsmasq/dhcpalloc: Removes DHCPRange and switches to shared.IPRange
• lxd/network: Replaces dhcpalloc.DHCPRange with shared.IPRange
• lxd/storage: Fix delete of remote pools
• lxd/storage/ceph: Allow for small size variation

試用環境 ¶

この新しい LXD リリースは私たちの デモサービス で利用できます。

ダウンロード ¶

このリリースの tarball は ダウンロードページ から取得できます。

ビルド済みバイナリーは次のように使えます:

• Linux: snap install lxd
• MacOS: brew install lxc
• Windows: choco install lxc

LXD 4.4 リリースのお知らせ¶

31st of July 2020

はじめに ¶

LXD チームは LXD 4.4 のリリースをお知らせできることにワクワクしています!

このリリースは、ユーザーの方々すべてに新しい機能を提供する非常に忙しいリリースのひとつになりました。クラスタリングとマルチユーザーのデプロイメントを大幅に改良し、今後さらにエキサイティングな機能を追加するための基盤になっています。

Enjoy!

新機能とハイライト ¶

仮想マシン向けの VGA コンソール ¶

LXD 4.3 では、QEMU の設定に、デフォルトの virtio-gpu デバイスと SPICE 通信チャンネルのサポートを追加しました。

このリリースでは、実際に仮想 GPU にアタッチして操作するための通信メカニズムとクライアントロジックが追加されました。

lxc launch もしくは lxc start に --console=vga を指定するか、lxc console に --type=vga を指定できます。これを使うには、クライアントシステム上で remote-viewer か spicy が利用できる必要があります。もしどちらもない場合は、SPICE ソケットがクライアント上にマッピングされ、パスが提供されます。

この API は LXD 自身の websocket コンソール API に基づいていますが、spice-html5 と互換性があるため、LXD にアクセスする Web インターフェースに使用できます。

クラスタリングの failure domain ¶

LXD はクラスターメンバーに対する failure domain のコンセプトを公開するようになりました。

これにより、どのシステムが同時にオフラインになりそうかを LXD データベースに伝えることができますので、リーダーを選出する際や、クラスターメンバーを別のデータベースロールに昇格させたりするときに、より良い決定を下せるようになります。

failure domain の例としては、物理システムの電源回路、仮想マシン上で LXD が実行されている場合のホストシステム、クラウドインスタンス上で LXD が実行されている場合のクラウドアベイラビリティゾーンやリージョンがあります。

root@nuc01:~# lxc cluster list
+-------+----------------------------+----------+--------+-------------------+--------------+----------------+
| NAME  |            URL             | DATABASE | STATE  |      MESSAGE      | ARCHITECTURE | FAILURE DOMAIN |
+-------+----------------------------+----------+--------+-------------------+--------------+----------------+
| nuc01 | https://172.17.16.140:8443 | YES      | ONLINE | fully operational | x86_64       | pdu01          |
+-------+----------------------------+----------+--------+-------------------+--------------+----------------+
| nuc02 | https://172.17.16.139:8443 | NO       | ONLINE | fully operational | x86_64       | pdu02          |
+-------+----------------------------+----------+--------+-------------------+--------------+----------------+

仮想マシンの /dev/lxd ¶

/dev/lxd API（英語サイト）が仮想マシンでも利用できるようになりました。

これはコンテナ内の場合と同じように動作します。しかし、イメージダウンロードの転送機能は利用できません。

デーモンの graceful シャットダウン ¶

これまでは、システムがシャットダウンされる際や LXD がアップデートされる際に、LXD がシャットダウンの指示を受けたときは、実行中のすべての操作が即座に中断されていました。

これはいくつかの不具合を引き起こしていました:

• いかなる lxc exec/console コマンドも即座に切断されていた
• イメージの更新が中断され、イメージが壊れたり失われたりする可能性があった
• マイグレーション中のインスタンスが、移行元サーバー上で停止したままの状態になっている可能性があった

新しいロジックは次のように処理しようとします:

• キャンセルできる操作はクリーンにキャンセルする
• 新しい操作の開始を防ぐ
• シャットダウン中のいかなる API 操作も防ぐ
• （exec/console のような）キャンセルできない操作を最大で 5 分待機する

残念ながら、lxc exec や lxc console のユーザーに数分後に切断されることを通知する良い方法はありません。どんな出力でも、その操作を妨げる可能性があるからです。しかし、5 分間の猶予時間は多くの場合で充分であり、現在の動作に比べて大きな改善になると考えています。

管理ネットワークの macvlan タイプと sriov タイプ ¶

管理ネットワークに、すでにある bridged に加えて新たにふたつのネットワークタイプが加わりました。

これは、macvlan もしくは sriov を使った管理ネットワークを定義し、（管理されたネットワークしか使えない）制限されたプロジェクトで使用できるようにすることができるようになったということです。

このように定義すると、MAAS サブネット、MTU、VLAN を事前に定義することができ、インスタンスごとに定義を繰り返し行う必要がありません。

これは、今後実装される仮想ネットワーク（OVN 経由）の外部レイヤーの基盤となります。これによりプロジェクトユーザーは、許可された管理ネットワークを使った独自のネットワークを、ホストシステムとコンフリクトする危険性なく構築できます。

root@lantea:~# lxc network create my-macvlan parent=enp11s0 --type=macvlan
Network my-macvlan created
root@lantea:~# lxc network create my-sriov parent=enp7s0 vlan=1017 --type=sriov
Network my-sriov created
root@lantea:~# lxc init images:ubuntu/20.04/cloud c1
Creating c1
root@lantea:~# lxc config device add c1 eth0 nic network=my-macvlan name=eth0
Device eth0 added to c1
root@lantea:~# lxc init images:ubuntu/20.04/cloud c2
Creating c2
root@lantea:~# lxc config device add c2 eth0 nic network=my-sriov name=eth0
Device eth0 added to c2
root@lantea:~# lxc start c1 c2
root@lantea:~# lxc list
+------+---------+----------------------+-----------------------------------+-----------+-----------+
| NAME |  STATE  |         IPV4         |               IPV6                |   TYPE    | SNAPSHOTS |
+------+---------+----------------------+-----------------------------------+-----------+-----------+
| c1   | RUNNING | 172.17.16.224 (eth0) | 2001:470:b0f8:1016:1::dcba (eth0) | CONTAINER | 0         |
+------+---------+----------------------+-----------------------------------+-----------+-----------+
| c2   | RUNNING | 172.17.17.241 (eth0) | 2001:470:b0f8:1017:1::c36d (eth0) | CONTAINER | 0         |
+------+---------+----------------------+-----------------------------------+-----------+-----------+
root@lantea:~#

プロジェクト内のディスク使用量制限 ¶

最近、プロジェクトに対する制限（limit）と制約（restriction）が設定できるようになり、信頼できないユーザーが LXD を安全に使えるようになりました。その後、プロジェクトに欠けていた機能として、プロジェクトがディスクスペースのないホストシステムを実行できていたことがあります。

これは、新たに追加された limits.disk 設定キーがプロジェクトで利用可能になり、プロジェクトに対してトータルのディスク使用量を制限できるようになったことで問題ではなくなりました。

これはすべてのプロジェクトのインスタンス、イメージ、カスタムストレージボリュームに対して適用されます。

dnsmasq に対する AppArmor 制限 ¶

AppArmor サポートが拡張され、インスタンスに対する保護だけでなく、LXD が操作する他のサービスも保護するようになりました。

最初のこのような外部サービスは dnsmasq です。ネットワークごとの AppArmor プロファイルで実行されるようになりました。

LXD が起動する、長時間実行しつづけるプロセスのすべてをカバーするように、forkdns、forkproxy、qemu についても同様のプロファイルを追加する予定です。

リソース API の GPU 媒介（mediated）デバイス ¶

LXD は GPU の媒介デバイスを検出するようになりました。

これは Intel と NVIDIA の一部のデバイスでサポートされています。そして複数のプロファイルから選択できる物理デバイス上に仮想デバイスを作成できます。作成したデバイスは、仮想マシンの VFIO として使用できます。

現時点では、LXD は媒介デバイスを検出して表示するだけで、まだ仮想マシンでそれらを使用できません。

stgraber@castiana:~$ lxc query /1.0/resources | jq .gpu.cards
[
  {
    "driver": "i915",
    "driver_version": "5.4.0-42-generic",
    "drm": {
      "card_device": "226:0",
      "card_name": "card0",
      "control_device": "226:0",
      "control_name": "controlD64",
      "id": 0,
      "render_device": "226:128",
      "render_name": "renderD128"
    },
    "mdev": {
      "i915-GVTg_V5_4": {
        "api": "vfio-pci",
        "available": 0,
        "description": "low_gm_size: 128MB\nhigh_gm_size: 512MB\nfence: 4\nresolution: 1920x1200\nweight: 4",
        "devices": []
      },
      "i915-GVTg_V5_8": {
        "api": "vfio-pci",
        "available": 1,
        "description": "low_gm_size: 64MB\nhigh_gm_size: 384MB\nfence: 4\nresolution: 1024x768\nweight: 2",
        "devices": [
          "7c43babb-cf2a-403c-ae5a-7c45aeb5fb2f"
        ]
      }
    },
    "numa_node": 0,
    "pci_address": "0000:00:02.0",
    "product": "HD Graphics 620",
    "product_id": "5916",
    "vendor": "Intel Corporation",
    "vendor_id": "8086"
  }
]

lxc launch の --console オプション ¶

LXD 4.3 で lxc start と lxc restart に --console オプションが追加されました。このバージョンで、lxc launch でもインスタンスのコンソールにすばやくアクセスできるようになりました。

すべての変更点（翻訳なし） ¶

このリリースでのすべての変更点のリストは次のとおりです:

• lxd/cluster: Leverage RolesChanges.Handover() to choose handover target
• lxd: Increase timeout of go unit tests when ran from Emacs
• lxd/cluster: Skip unncessary loading of nodes from database in Rebalance()
• lxd/cluster: Leverage RolesChanges.Adjust() to choose rebalance target
• lxd/cluster: Increase time budget of client.Assign() when assigning voter role
• lxd/cluster: When demoting to Spare only transition to StandBy if Voter
• lxd/project: Add more name checks
• doc/server: Cover listen + authentication
• lxd/db: Add failure_domains table and nodes column reference
• lxd/qemu: Don't do file lock on custom volumes
• lxd/db: Add UpdateNodeFailureDomain() and GetNodesFailureDomains()
• lxd/cluster: Honor failure domains when changing roles
• shared/version: Add clustering_failure_domains extension
• shared/api: Add FailureDomain field to ClusterMemberPut
• lxd/cluster: Populate FailureDomain field when listing cluster members
• lxd: Support changing failure domain in PUT /1.0/cluster/
• client: Check clustering_failure_domains extension when updating a member
• doc: Add documentation about failure domains
• lxc: Add failure domain column in "lxc cluster list" output
• make i18n
• test: Add new clustering_failure_domains test case
• instance: update terminology I
• lxd/network: Validate ipv4/ipv6 routes
• lxd/proxy: Fix govet
• lxd/rsync: Add AtLeast
• lxd/rsync: Filter out security.selinux
• lxd-p2c: Filter out security.selinux
• lxc-to-lxd: Filter out security.selinux
• lxc/launch: Add --console
• instance: introduce container_syscall_filtering_allow_deny extension
• tests: remove trailing comma
• lxd/instance/drivers: Provide instance-data file
• lxd-agent: Support /dev/lxd
• lxd/instance/drivers: Allow updating running VMs
• tests: Fix bad ipv6.routes value
• lxc/instance/drivers/qemu: Support ephemeral VMs
• lxd/qemu: Use memory backend ram/file
• lxc/image: Fix dir handling on snap
• lxd/qemu: Fix crash on non-pinned VM
• lxc/image: Fix more dir handling on snap
• terminals: update terminology again
• doc/instances: Improves proxy docs
• lxc/main_alias: Handle leading arguments
• lxd/storage: Fix block volume migration
• lxd/rbac: Always allow internal cluster traffic
• units: handle multiplication integer overflow
• lxd/rsync: Untangle from daemon package
• lxd/qemu: Don't use file.locking with rbd
• lxd/storage/zfs: Use autotrim when available
• lxd: Add clustering_fix_raft_address_zero patch to fix node with "0" as address
• lxd/resources: Use udev model data if available
• Decode error
• doc/api-extensions: Fix escaping
• share/api: Add GPU mdev
• lxd/resources: Add GPU mdev
• api: Add GPU mdev
• lxd/qemu: Fix unbound hugepages
• lxd/qemu: Properly connect memory
• api: console_vga_type
• doc/rest-api: Add type field to console
• shared/api: Add Type field to InstanceConsolePost
• lxd/instance: Add protocol argument to Instance.Console()
• lxd/instance/drivers: Support VGA output in qemu.Console()
• lxd: Handle "vga" type in console API handler
• client: Add ConsoleInstanceDynamic() to support multiple websocket connections
• lxc: Add --type flag to "lxc console"
• i18n: Update translation templates
• lxc/console: Missing error handling
• i18n: Update translations from weblate
• lxc/console: Prefer remote-viewer
• lxc: Populate cmdConsole.flagType also when ran manually
• lxc/console: Short argument for type
• lxc: Allow using --console=TYPE
• lxd/images: Rename imgPostContInfo to imgPostInstanceInfo
• lxd/instances: Return and set image properties
• lxd/qemu: Add support for spice agent
• lxd/main_daemon: s/containers/instances/
• lxd: s/containersShutdown/instancesShutdown/
• lxd: Add context to daemon
• lxd/operations: Add db operation type to Operation
• lxd: Add waitForOperations()
• lxd: Shut down gracefully
• lxd/operations/operations: Fix hanging cancelation
• lxd/instance_post: Pass cancel function to websocket operation
• client/lxd_instances: Cancel websocket op if needed
• lxc/console: Disconnect on shutdown
• lxd/daemon: Return 503 when shutting down
• lxd/db: Drive-by removal of leftover fmt.Printf's
• doc/api-extensions: Fix over-escaping
• lxc/network: Adds flagType to cmdNetwork
• shared/instance: Move network validation functions to shared
• lxd/db/cluster: Adds type field to networks table
• lxd/db/networks: Adds internal network type constants
• lxd/db/networks: Updates CreateNetwork to accept a network type
• lxd/db/networks: Updates CreatePendingNetwork to accept a network type
• lxd/db/networks: Populate network type in getNetwork
• lxd/network/network/interface: Adds network interface
• lxd/network/network/load: LoadByName to use Network interface, add Validate
• lxd/network/errors: Adds error constants
• lxd/network/network/utils: Moved validation functions from main package
• lxd/network/driver/common: Adds common driver
• lxd/network/driver/bridge: Renames network to driver_bridge
• lxd/networks/utils: Remove unused network validation functions in main
• lxd/device/device/utils/network: Removes unused validation functions
• lxd/device/device/utils/proxy: shared.IsNetworkAddress usage
• lxd/device/nic: shared validation function usage
• lxd/device/nic/bridged: Support Network interface
• lxd/device/nic/ipvlan: shared validation function usage
• lxd/device/nic/routed: shared validation function usage
• lxd/main/init/interactive: Uses network name validation from network package
• lxd/networks: ValidNetworkName usage in networkPost
• lxd/networks: Updates doNetworkUpdate to use network package validation
• lxd/networks: Updates networksPost to support network type
• lxd/networks: Remove use of network.IsRunning in networkShutdown
• lxd/networks/config: Removed
• lxd/networks/utils: Updates usage of n.RefreshForkdnsServerAddresses to generic n.HandleHearbeat
• i18n: Update translation templates
• lxd: Updates network tests to pass netType
• lxd/network/network/utils: Unexports usesIPv4Firewall and usesIPv6Firewall
• lxd/network/driver/bridge: usesIPv4Firewall and usesIPv6Firewall usage
• lxd: Add --force flag to lxd shutdown
• lxd/apparmor: Use templating
• lxd/apparmor: Use proper version parsing
• shared/version: Add projects_limits_disk extension
• doc: Document limits.disk project configuration key
• lxd: Add "limits.disk" to supported project config keys
• lxd/project: Check that root disk sizes are within limits.disk
• lxd/project: Add projectInfo struct to hold together project's extra info
• lxd/db: Add GetCustomVolumesInProject() to fetch custom volumes in a project
• lxd/project: Fetch the project's custom volumes
• lxd/project: Consider custom volumes sizes in checkAggregateLimits
• lxd/project: Add AllowVolumeCreation() to check limits upon volume creation
• lxd: Call project.AllowVolumeCreation() before creating custom volumes
• lxd/project: Add AllowVolumeUpdate() to check custom volumes config updates
• lxd: Call project.AllowVolumeUpdate() before modifying a custom volume
• shared: Add QuotaWriter
• lxd/project: Add GetImageSpaceBudget() returning image disk space budget
• lxd: Possibly limit the disk space that can be used by POST /1.0/images
• lxd/network/driver/common: Adds config diff and db update common functions
• lxd/network/driver/common: Adds contextual logger
• lxd/network/driver/common: Removes stuttering on "common" in validation rules function
• lxd/network/driver/bridge: Updates to use contextual logger
• lxd/network/driver/bridge: Simplifies Update function to use common update functions
• lxc/networks: Renames notify to clusterNotification in doNetworkUpdate
• lxd/network/network/interface: Clarifies Update arguments
• lxd/network/network/interface: Renames Delete withDatabase arg to clusterNotification
• lxd/network/driver/common: Adds common delete function
• lxd/networks: Cleans up networksPost to use clusterNotification argument correctly
• lxd/networks: Log quoting in networksPostCluster
• lxd/networks: Cleans up doNetworksCreate to use clusterNotification argument
• lxd/network/driver/bridge: Updates Delete to use common delete function
• lxd/network/driver/bridge: Adds logging to Update
• lxd: Check available project budget when publishing an instance as image
• lxd/project: Fill missing fields when checking instance creation
• lxd/project: Skip checks when unsetting limits
• lxd/networks: Removes bridge specific logic in doNetworkUpdate
• lxd: Honor project disk budget when downloading images
• lxd/network/driver/bridge: Adds fan auto detection logic to Update
• lxd/network/driver/common: Adds rename common function
• lxd/network/driver/bridge: Updates Rename to use common rename function
• lxd/networks: networkPost logging quoting
• test: Add tests for the "limits.disk" project config key
• lxc/network/driver/bridge: isRunning comment
• lxd/network/driver/bridge: Unexports hasIPv4Firewall and hasIPv6Firewall
• lxd/networks: Detect unknown network type in networksPost, dont assume bridge
• lxd/networks: comment fix in networksPostCluster
• lxd/db/network: Provide way to identifty unknown network type in getNetwork
• lxd/networks: Allow for different managed network types in doNetworkGet
• lxd/network/network/interface: Adds fillConfig to interface
• lxd/network/driver/common: Adds default fillConfig function
• lxd/network/driver/common: Adds default HandleHeartbeat function
• lxd/network/network/load: Adds per-driver FillConfig wrapper
• lxd/network/network/utils: Removes generic FillConfig
• lxd/network/driver/bridge: fillConfig implementation
• lxd/network/driver/bridge: Exposes error message from ValidNetworkName in Validate
• lxd/sys: Create apparmor/seccomp paths
• lxd/apparmor: Split and rename instance functions
• lxd/resources/storage: Use ID_MODEL_ENC when possible
• shared: Add InSnap
• shared/subprocess: Add AppArmor support
• lxd/apparmor: Rename template
• lxd/apparmor: Add dnsmasq profile
• lxd/networks: Use AppArmor when available
• tests: Delete leftover storage volume
• lxd/operations/operations: Renames Operations to Clone
• lxd-agent/operations: operations.Clone() usage
• lxd: operations.Clone() usage
• Drop from .travis.yaml Go versions we don't support anymore
• shared/api/network: Adds network status constants
• lxd/networks: API constant usage in networkDelete
• lxd/network/network/load: Adds status
• lxd/network/network/interface: Adds status function
• lxd/network/driver/common: Adds status field and function
• lxd/network/driver/bridge: Don't allow starting a pending network
• lxd/device/nic/bridged: Usage of d.state.Cluster.GetNetworkInAnyState in rebuildDnsmasqEntry
• lxd/api/cluster: Usage of api.NetworkStatusPending
• lxd/db/networks: Usage of api package's NetworkStatus constants in getNetwork
• lxd/db/networks: Removes unused GetNetwork
• lxd/db/networks: GetNonPendingNetworks comment
• lxd/db/networks: Allow pending nodes to be added to errored networks in CreatePendingNetwork
• lxd/db/networks: CreatePendingNetwork comments and line spacing
• lxd/networks/utils: Skip network load error in networkUpdateForkdnsServersTask
• lxd/device/nic/bridged: Validates network is type bridge
• lxc/device/nic/bridged: Only allow using non-Pending networks
• lxd/networks: Various comment and error quoting consistency fixes
• lxd/networks: Validate network name earlier in networksPost
• lxc/networks: Validate config in doNetworksCreate
• lxd/db/networks: Ensure that network type matches existing pending network in CreatePendingNetwork
• lxd/db/networks: Remove errored state on successful update in UpdateNetwork
• lxd/network/driver/bridge: Adds targetNode arg to Update
• lxd/network/network/interface: Adds targetNode arg to Update
• lxd/network/driver/common: Tweaks to update function in cluster environment
• lxd/networks: networksPost error response tweaks
• lxd/networks: Updates networksPostCluster
• lxd/networks: Unifies networkPut and networkPatch
• lxd/device/nictype: Adds small package to resolve NIC device nictype from network
• lxd/device/config/devices: Removes NICType
• lxd/device/config/devices: Improves comment on Update
• lxd/device/device/load: Removes devTypes map and updates load to use NICType function
• lxd/device: Removes device load helpers
• lxd/device/device/utils/network: nictype.NICType usage
• lxd/device/nic/bridged: Updates usage of functions whos signatures changed due to NICType
• lxd/device/nic/p2p: Updates usage of functions that changed signature due to NICType
• lxd/device/proxy: nictype.NICType usage
• lxd/instance/drivers/driver/lxc: nictype.NICType usage
• lxd/instance/drivers/driver/qemu: nictype.NICType usage
• lxd/network/driver/bridge: Usage of functions that changed signature due to NICType
• lxd/network/driver/common: Updates IsUsed for NICType signature changes and checks for profile usage
• lxd/network/network/interface: Signature change of IsUsed to accomodate NICType
• lxd/network/network/utils: Usage of nictype.NICType and signature changes to accomodate it
• lxd/networks: nictype.NICType usage and comment improvements
• lxd/networks: Comment ending consistency
• test: Updates tests to delete profiles before networks
• doc: Updates clustering docs with network parent optional per-node key
• lxd/db/networks: Adds parent as optional per-node network key
• lxd/db/networks: Adds constant for NetworkTypeMacvlan
• lxd/network/network/load: Adds macvlan driver as supported network type
• lxd/networks: Adds macvlan support to networksPost
• lxd/network/driver/macvlan: macvlan driver implementation
• lxd/device/nic/macvlan: Adds support for network config key
• lxd/device/nic/macvlan: Only allow non-pending networks to be used
• test: Adds macvlan network test
• lxd: Adds NetworkTypeSriov constant and conversion handling
• lxd/network: Adds sriov driver
• lxd/networks: Remove database record on error in networksPost
• lxd/device/nic/sriov: Adds network key support
• lxd/device/nictype: Adds sriov support
• test: sriov NIC comment ending consistency
• test: sriov network test
• doc/networks: Re-arranges network docs to support different types
• doc/networks: Adds doc for macvlan and sriov networks
• doc/instances: Updates macvlan and sriov NIC to indicate network support
• doc/networks: Fixes typo
• doc/networks: Adds example usage of --type flag
• lxd/network/openvswitch/ovs: Adds OVS wrapper
• lxd/device/nic/bridged: ovs.PortSet usage
• lxd/network/driver/bridge: ovs usage
• lxd/network/network/utils: ovs usage
• lxd/networks: ovs.BridgeExists usage
• api: Adds network_type_macvlan extension
• api: Adds network_type_sriov extension
• tree-wide: add dummy include package for cgo
• doc/images: Cover the various image servers
• doc: Typo fix
• lxd/networks: Fixes bug in doNetworkUpdate that prevents removal of non-node specific keys
• lxd/network/driver/bridge: Consistent comment ending in setup()
• lxd/network/network/interface: fillConfig signature
• lxd/network/driver/common: Updates fillConfig signature
• lxd/network/driver/bridge: Updates fillConfig signature
• lxd/network/network/load: Updates FillConfig to use new signature
• lxd/network/driver/bridge: Fixes Update to regenerate default values if missing
• test/suites/container/devices/nic/bridged: Fixes DHCP disable by setting IP address none
• lxd/network/driver/bridge: Dont fail start if cannot restore third party route
• lxd/migrate: Fix crash in sendControl when no active connection
• lxd/operations: Fix typo
• lxc/export: Plug in cancelable wait
• i18n: Update translation templates
• lxd/devices/device/utils/network: Removes networkValidMAC
• shared/instance: Adds IsNetworkMAC for use in network and device packages
• lxd/device/nic: shared.IsNetworkMAC usage
• lxd/network/driver/bridge: Adds volatile.bridge.hwaddr key
• shared/validate: Adds validate helper package
• lxd: Updates use of validate helper functions now in validate package
• shared: Removes validate helper functions
• lxd/device/device/utils/infiniband: Changes infinibandValidMAC to use net.ParseMAC
• lxd/device/device/utils/infiniband/test: Changes test name for linter
• lxd/networks: Allow update/removal of node-specific key in non-clustered mode
• lxd/network/driver/bridge: Adds safety check for volatile MAC address usage
• lxd/device: fix empty error message when tc fails
• test: Wait for operations to be removed from the database
• shared/validate: Adds Optional() validate wrapper
• shared/validate: Makes IsInt64 non-optional
• lxd/network/driver/bridge: Add validate.Optional() wrapper for validate.IsInt64 usage
• lxd/storage/utils: Adds validate.Optional() wrapper for validate.IsInt64 usage
• shared/instance: Adds validate.Optional() wrapper for validate.IsInt64 usage
• lxd/device/device/utils/network: Removes networkValidVLAN
• shared/validate: Adds IsNetworkVLAN
• lxd/device/device/utils/network: validate.IsNetworkVLAN usage
• lxd/device/nic: validate.IsNetworkVLAN usage
• lxd/network/driver: Adds mtu and vlan support for macvlan and sriov network types
• lxd/device/nic: Inherit mtu and vlan settings from network for macvlan and sriov NICs
• doc/networks: Adds mtu and vlan options for macvlan and sriov network types
• seccomp: switch from individual pread() to process_vm_readv()
• seccomp: fix i386 builds
• seccomp: ensure that target process is still valid
• client: Move proxyMigration
• lxd: Port remaining calls to instance
• lxd/network/driver/common: Adds Create function no-op
• lxd/network/network/interface: Adds Create function
• lxd/networks: Adds call to network Create in doNetworksCreate
• lxd/device/device/utils/network: Adds networkDHCPValidIP
• lxd/device/nic/bridged: Removes networkDHCPValidIP
• lxd/device/device/utils/networks: Splits networkSetupHostVethDevice into multiple functions
• lxd/device/nic/bridged: networkVethFillFromVolatile usage and other host-veth functions
• lxd/device/nic/p2p: networkVethFillFromVolatile usage and other host-veth helper functions
• lxd/device/nic/routed: networkVethFillFromVolatile usage and other host-veth helper functions
• lxd/network/network/utils: Updates isInUseByDevices to support networks that don't match their physical parent
• i18n: Update translations from weblate

試用環境 ¶

この新しい LXD リリースは私たちの デモサービス で利用できます。

ダウンロード ¶

このリリースの tarball は ダウンロードページ から取得できます。

ビルド済みバイナリーは次のように使えます:

• Linux: snap install lxd
• MacOS: brew install lxc
• Windows: choco install lxc

LXD 4.3 リリースのお知らせ¶

1st of July 2020

はじめに ¶

LXD チームは LXD 4.3 のリリースをお知らせできることにワクワクしています!

このリリースは、特に仮想マシンの使用における多数の改良を行っています。また、クラスターユーザー向けのかなりの数のバグ修正と一般的なパフォーマンスの改良が含まれています。

Enjoy!

新機能とハイライト ¶

カスタムのブロックストレージボリューム ¶

これまで、カスタムストレージボリュームはすべてファイルシステムでした。それをサポートするストレージバックエンド上のディレクトリ・サブボリューム・データセット、または他のバックエンド上のフォーマットされたブロックのいずれかでした。

LXD が仮想マシンをサポートするようになりましたので、（以前から可能であった 9p を使った）従来のボリューム上のファイルシステムを仮想マシンにアタッチできるのと同様に、追加の RAW ディスクを仮想マシンにアタッチできるようにする必要性がでてきました。

これによりブロックのカスタムストレージボリュームが使えるようになりました。

stgraber@castiana:~$ lxc storage volume create default my-fs size=10GiB
Storage volume my-fs created
stgraber@castiana:~$ lxc storage volume create default my-block size=10GiB --type=block
Storage volume my-block created

stgraber@castiana:~$ lxc storage volume list default
+-----------------+------------------------------------------------------------------+-------------+--------------+---------+
|      TYPE       |                               NAME                               | DESCRIPTION | CONTENT TYPE | USED BY |
+-----------------+------------------------------------------------------------------+-------------+--------------+---------+
| custom          | my-block                                                         |             | block        | 0       |
+-----------------+------------------------------------------------------------------+-------------+--------------+---------+
| custom          | my-fs                                                            |             | filesystem   | 0       |
+-----------------+------------------------------------------------------------------+-------------+--------------+---------+
| image           | a4dc839edd35d50158d57818938775669265a3af004bd93b8281115ee0abd29d |             | block        | 1       |
+-----------------+------------------------------------------------------------------+-------------+--------------+---------+
| virtual-machine | f1                                                               |             | block        | 1       |
+-----------------+------------------------------------------------------------------+-------------+--------------+---------+

stgraber@castiana:~$ lxc config device add f1 my-fs disk source=my-fs pool=default path=/srv/my-fs
Device my-fs added to f1
stgraber@castiana:~$ lxc config device add f1 my-block disk source=my-block pool=default
Device my-block added to f1

stgraber@castiana:~$ lxc start f1
stgraber@castiana:~$ lxc exec f1 bash
root@f1:~# gdisk -l /dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_lxd_my-block
GPT fdisk (gdisk) version 1.0.5

Partition table scan:
  MBR: not present
  BSD: not present
  APM: not present
  GPT: not present

Creating new GPT entries in memory.
Disk /dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_lxd_my-block: 20971520 sectors, 10.0 GiB
Sector size (logical/physical): 512/512 bytes
Disk identifier (GUID): EA616112-9C49-4809-AA68-53895E752A34
Partition table holds up to 128 entries
Main partition table begins at sector 2 and ends at sector 33
First usable sector is 34, last usable sector is 20971486
Partitions will be aligned on 2048-sector boundaries
Total free space is 20971453 sectors (10.0 GiB)

Number  Start (sector)    End (sector)  Size       Code  Name
root@f1:~# df -h /srv/my-fs/
Filesystem      Size  Used Avail Use% Mounted on
lxd_my-fs        10G  128K   10G   1% /srv/my-fs
root@f1:~#

VM: グラフィカルコンソールの初期作業 ¶

すべての LXD VM で virtio-gpu と virtio-input デバイスがすぐに使える状態になりました。同様にローカルの Unix ソケットに接続されている spice チャンネルも使える状態になっています。

現状、spicy のようなクライアントを使ってソケットに直接接続できます。しかし、すぐに　LXD で lxc console を使った websocket 経由でリモートアクセスできるようになるでしょう。

VM: PCIe レイアウトの見直し ¶

VM に公開している全 virtio デバイスが確実に PCIe バス上にあるようにし、スロットの数を節約するために可能な限りデバイスはファンクションにマージするようにしました。

また、ネットワークデバイスは常に同じスロットに表示され、ハードウェアベースのネーミングが有効なときは一定の名前が得られるようなロジックが導入されています。

VM: GPU パススルー ¶

gpu タイプのデバイスを VM にアタッチし、VFIO 経由で物理 GPU を与えることができるようになりました。ホストと GPU を共有できるコンテナとは違い、VM では共有できないことに注意してください。

lxc start と lxc restart での直接のコンソールアタッチ ¶

単一のインスタンスを扱う場合、lxc start と lxc restart で --console オプションを指定できるようになりました。これにより、コマンドラインからすぐにコンソールにアタッチできるようになり、インスタンスのブートシーケンスを見ることができるようになります。

リソース API での Isolated CPU の表示 ¶

新たに、/1.0/resources API の全 CPU スレッドに isolated フィールドが追加されました。もし特定のスレッドが isolated な CPU と設定されている場合、このフィールドが true に設定されます。

これは通常はカーネルのコマンドラインで isolcpus= を指定してシステムを起動した場合に起こります。

すべての変更点（翻訳なし） ¶

このリリースでのすべての変更点のリストは次のとおりです:

• lxd/instance/drivers/driver/lxc: Adds debug logging to deviceStop
• lxd/instance/drivers/driver/lxc: Adds driver revert on failed start in startCommon
• lxd/instance/drivers/driver/qemu: Adds debug logging to deviceStop
• lxd/instance/drivers/driver/qemu: Simplifies failed start device cleanup in Start
• lxd/storage/drivers/driver/ceph/utils: Removes getRBDFilesystem
• lxd/storage/drivers/driver/ceph: Replaces use of d.getRBDFilesystem with vol.ConfigBlockFilesystem
• lxd/storage/drivers/volume: Adds ConfigBlockMountOptions function
• lxd/storage/drivers/driver/ceph/utils: Removes getRBDMountOptions in place of vol.ConfigBlockMountOptions()
• lxd/storage/drivers/driver/lvm/utils: Removes volumeMountOptions in place of vol.ConfigBlockMountOptions()
• lxd/storage/drivers: Replaces driver specific mount options resolution with vol.ConfigBlockMountOptions()
• lxd/rbac: Don't close body when missing
• doc/storage: Cover host/disk/loop setups
• lxd/init: Tweak default loop sizing
• lxd/vm: Rename some functions
• client: Expand snap path in ConnectLXDUnix
• lxd/vm: Add virtio-vga card
• lxd/vm: Add spice channel
• client: Fix ConnectLXDUnix regression
• lxd/vm: Fix PCIe slot for physical/sriov nic
• lxd/network: Make setting bridge VLAN filtering & default PVID optional
• lxd/instance/drivers/driver/qemu: Integrates built in GPU device PCI range with future passthrough GPU devices
• lxd/instance/drivers/driver/qemu/templates: Updates built in GPU device to use GPU address range prefix
• lxd/vm: Move to separate devices
• lxd/vm: Remove tiny wrapper functions
• lxd/vm: Per-architecture bus type
• add type to specify the instance type on creation Signed-off-by: Salem Yaslem s@sy.sa
• lxd/vm: Centralize port generation
• lxd/device: Sort nic devices ahead of others
• lxd/device/device/utils/generic: Adds PCI management functions for overriding driver
• lxd/device/device/utils/network: Removes network specific PCI bind/unbind functions
• lxd/device/nic/physical: Updates to use generic PCI management functions
• lxd/device/nic/sriov: Updates to use generic PCI management functions
• lxd/vm: Separate template keys in global/local
• lxd/vm: Use virtio-gpu-pci on non-x86
• lxd/vm: Rename qemuVGA to qemuGPU
• lxd/vm: Add virtio-input keyboard/mouse
• lxd/vm: Move bus allocator to own file
• lxc/volume: Fix typo in help message
• i18n: Update translation templates
• lxc/snapshot: Allow using snapshot delimiter
• i18n: Update translation templates
• doc/instances: Updates GPU device docs to show VM support
• lxd/device/gpu: Updates validation for VM support
• lxd/device/config/device/runconfig: Adds GPU field to RunConfig
• lxd/device/device/utils/generic: pciDeviceDriverOverride only check for driver binding if specified
• lxd/device/gpu: Adds VM GPU passthrough support
• lxd/instance/drivers/driver/qemu/templates: Consistent naming and casing for net dev templates
• lxd/instance/drivers/driver/qemu: Consistent net dev naming usage
• lxd/instance/drivers/driver/qemu/templates: Adds qemuGPUDevPhysical template
• lxd/instance/drivers/driver/qemu: Adds GPU passthrough support
• lxd/instance/drivers/driver/qemu/bus: Adds comments, clarifies var names, and constants for defined multi-function groups
• lxd/instance/drivers/driver/qemu: Switches to multi-function group constants and adds comments
• lxd/instance/drivers/qmp/monitor: Allow serial char device name to be passed in
• lxd/instance/drivers/driver/qemu: Defines qemuSerialChardevName to share with qemu and qmp
• lxd/instance/drivers/driver/qemu: qemuSerialChardevName usage
• lxd/instance/drivers/driver/qemu/templates: Add serial chardev name injection
• lxd/storage/quota/projectquota: Only set quota on directories and regular files
• lxd/db: Automatically strip ?project=default
• lxc/action: Properly handle --all with remotes
• lxd/projects: Properly clear empty keys
• lxd/db: Add missing feature to default project
• lxd/instance/drivers/driver/qemu: Pass-through GPU VGA mode status from host
• lxd/storage/drivers/driver/zfs/volumes: Remove snapshot when migrating as main volume
• lxd/cluster/heartbeat: Fix race in HeartbeatNode
• lxc/console: Split Console to own function
• lxc/start: Allow direct console attach
• i18n: Update translation templates
• lxd/instance/drivers/driver/qemu: Only enable GPU vga mode on x86_64 systems
• lxd/resources: Fix golint warning
• doc/api-extensions: Fix escaping
• api: resource_cpu_isolated
• lxd/resources: Add Isolated property
• lxd/resources: Don't use shared
• lxd/devices: Use resources for cpuset parsing
• lxc: Don't over-escape URLs
• lxd: Don't over-escape URLs
• lxd/db/storage: Rework UsedBy for pools
• lxd/instance/drivers/driver/qemu: Adds trans=virtio to 9p mounts
• lxc/action: Also add --console to restart
• lxd/resources/net: More flexible PCI detection
• lxc/query: Add path check
• i18n: Update translation templates
• tests: Fix bad lxc query call
• lxd/storage-pools: Tweak UsedBy URLs
• lxd/networks: Reports profiles in UsedBy
• lxd/db: Tweak joins
• lxd/db: Fix UsedBy on projects
• lxd/storage_volumes: Fix UsedBy
• api: usedby_consistency
• lxd-agent/main/agent: Fix 9p mount when relative target path is supplied
• test: Updates udhcpd args to ensure process quits one lease acquired
• util_linux: update terminology
• lxd: Fix snapshot index retrieval
• lxd/backups: Use backups dir for unpack
• lxd/vm: Add udev rule fallback
• lxd/images: Set arch names when downloading
• lxd: More flexible compression algorithms
• tests: Add test for compression options
• doc/rest-api: Rename rootfs to root
• doc/rest-api: Fix instance PATCH example
• lxd: Fix building with clang
• lxd/db: Add missing criteria for querying a specific public image
• lxd/db: Add the Errored storage state when rendering the Status field
• lxd/cluster: If raft node 1 gets remove during recovery, add it back
• lxd/db: Make GetNework() return an error if the network is pending
• lxd/db: Rename NetworkCreatePending to CreatePendingNetwork
• lxd/db: Make GetStoragePool() return an error if the pool is pending
• lxd/db: Rename StoragePoolCreatePending to CreatePendingStoragePool
• lxd/firewall: Filter unwanted ethernet frame types when IP filtering is enabled
• lxd/storage/drivers: Bump VM fs size to 100MB
• lxd/db: Fix UsedBy for profiles on storage pools
• lxd/storage: Use Truncate to create/grow VM files
• lxd/db: Consider personalities in GetNodeWithLeastInstances
• lxd/db: Avoid test failure in arch matching
• lxd/storage: Better handle broken volumes
• client: Handle unknown image sizes
• lxd/response: Stream multi-part responses
• lxd/device/disk: Fixes cloud-init errors for VMs
• lxc/action: Show usage on missing target
• lxd/storage: Rely on UsedBy for deletion error
• lxd/instances/qemu: Use images dir during compression
• lxd/storage/drivers: Rename fs to filesystem
• api: custom_block_volumes
• shared/api: Add ContentType to storage volume structs
• lxd/migration: Add ContentType to structs
• lxd/db/cluster: Add content type to storage volumes
• lxd/db: Add content type constants
• lxd/db: Add content type to storage volumes
• lxd/storage/utils: Add content type conversion functions
• lxd: Support custom block volumes
• lxd/storage: Show type in error
• lxd/device/disk: Handle custom block volumes
• client: Support custom block volumes
• lxc/storage_volume: Support custom block volumes
• test/suites: Add tests for custom block volumes
• po: Update translations
• lxd/storage: Backward compatibility for content types
• doc/storage: Document block storage volumes
• lxd/util: Detect hugetlbfs mount point
• lxd/cluster: Always check for dqlite protocol version mismatches
• lxd/cluster: Don't run unncessary HEAD probe upon dqlite connections
• forksyscall: use nsids for shiftfs syscall intercepts
• lxd/db: Drop ClusterRoleDatabase records from the database
• lxd/cluster: Fetch database role information directly from raft
• lxd/storage: Fix regression in truncate handling
• lxd/cluster: Only look up raft_nodes for resolving the address of node 1
• i18n: Update translations from weblate

試用環境 ¶

この新しい LXD リリースは私たちの デモサービス で利用できます。

ダウンロード ¶

このリリースの tarball は ダウンロードページ から取得できます。

ビルド済みバイナリーは次のように使えます:

• Linux: snap install lxd
• MacOS: brew install lxc
• Windows: choco install lxc

LXD 4.0.2 リリースのお知らせ¶

25th of June 2020

はじめに ¶

LXD チームは LXD 4.0.2 のリリースを発表します!

このリリースは、2025 年 6 月までサポートされる LXD 4.0 に対するふたつめのバグフィックスリリースです。

バグ修正と改良 ¶

このリリースには、開発ブランチからの数カ月分のバグフィックスと細かな改善が含まれています。

その主なものは次の通りです:

• VM での CPU NUMA レイアウトの自動マッチング
• VM で PCIe レイアウトの更新（入力デバイスと仮想GPUを含む）
• zsys ZFS レイアウトのサポートと自動検出
• lxc config get に --expanded オプションを追加
• image/backup時の圧縮ツールの引数のサポート
• lxc list に新たに disk と memory （オプション）カラムを追加
• VM での GPU パススルーのサポート
• lxc start と lxc restart に --console オプションを追加

コミットの全リストは次のとおりです（翻訳なし）:

• lxd-agent: Support systemd-notify
• lxd/qemu: Switch default unit type to notify
• lxd/storage/backend/lxd: Updates CreateInstanceFromImage to use reverter
• lxd/storage/drivers/errors: Adds ErrCannotBeShrunk error
• lxd/storage/drivers/utils: Updates to shrinkFileSystem ErrCannotBeShrunk error
• lxd/storage/backend/lxd: Updates CreateInstanceFromImage to detect ErrCannotBeShrunk
• lxd/storage/drivers: Returns ErrCannotBeShrunk when block volume cannot be shrunk
• lxd/device/proxy: Dont allow proxy_protocol to be set when in nat mode
• lxd/device/proxy: Dont wrap lines
• lxd/device/proxy: Improves validation
• test/suites/container/devices/proxy: Updates tests with new validation rules
• lxd: Updates snapshotProtobufToInstanceArgs to support instance type
• lxd/qemu: Match basic NUMA layout
• lxd/storage/drivers/driver/zfs/volumes: Delete volume on error in CreateVolumeFromCopy
• lxd-agent/main/agent: Adds comment about reason for systemd-notify usage
• lxd/cgroup: Fix memory controller detection
• lxd/migration/migrate/proto: Fix alignment
• lxd/migration: Adds volumeSize field to MigrationHeader
• lxd/migrate: Adds VolumeSize to MigrationSinkArgs
• lxd/migration/migration/volumes: Adds VolumeSize to VolumeTargetArgs
• lxd/migrate/instance: Use VolumeSize from offer header in Do()
• lxd/storage/backend/lxd: Use VolumeSize from migration header in CreateInstanceFromMigration
• lxd/storage/drivers: Exports BlockDevSizeBytes function
• lxd/storage/utils: Adds InstanceDiskBlockSize
• lxd/migrate/instance: Populate offerHeader.VolumeSize for VMs
• lxd/storage/backend/lxd: Adds VM volume size hint to CreateInstanceFromCopy
• lxd/device/utils: Do not add the Ceph mon port if already present in /etc/ceph config file
• lxd/instance/qemu: Add comment on cpuTopology
• lxd/storage/ceph: Support port in URL
• lxd/storage/drivers/utils: Makes minBlockBoundary available to other functions
• lxd/storage/drivers/driver/zfs/utils: Updates createVolume to use minBlockBoundary
• lxd/storage/drivers/driver/zfs/volumes: Updates SetVolumeQuota to use minBlockBoundary
• lxd/storage/drivers/zfs/volumes: Updates CreateVolume to allow regeneration of deleted image volumes
• lxd/storage/drivers/driver/zfs/volumes: Dont revert on rename success
• lxd/daemon: Remove duplicated logic
• lxd/instance/qemu: Announce LXD in SMBIOS
• share/usbid: Don't print error when missing
• lxd/init: Auto-detect and use Ubuntu ZFS setup
• lxc/config: Add --expanded to get
• client/interfaces: Add Mode to ImageCopyArgs
• shared/api/image: Add ImageExportPost
• client/lxd_images: Set fingerprint and secret headers
• i18n: Update translation templates
• client: Add relay mode for image copy
• client: Add ExportImage to ImageServer
• client: Add push mode for image copy
• client: Add GetOperationWaitSecret
• Resolve both core.https_address and cluster.https_address when comparing IPs
• lxd/storage/drivers/generic/vfs: Skip missing files during export
• lxd/images: Fixes hang in export when invalid --compression argument passed
• lxd/storage/drivers/driver/btrfs/volumes: CreateVolumeFromCopy only use expanded volume size when source is image
• lxd/storage/drivers/driver/ceph/volumes: Allow cached volume regeneration in CreateVolume
• lxd/storage/drivers/driver/ceph/utils: Uses defaultBlockSize rather than hardcoded 10GB
• lxd/storage/drivers/driver/ceph/volumes: Adds getVolumeSize function
• lxd/storage/drivers/driver/ceph/volumes: Removes unnecessary mount/unmount
• lxd/storage/drivers/driver/zfs/volumes: Clarify clone comments
• lxd/storage/drivers/driver/ceph/volumes: Dont wrap lines
• lxd/storage/drivers/driver/ceph/volumes: Dont use clone mode when creating volume from cached image when it is disabled
• lxd/storage/utils: VolumeDBCreate comment formatting
• lxd/storage/drivers/driver/lvm/volumes: CreateVolumeFromCopy only set volume size from expanded config when source is image
• lxd/storage/drivers/driver/zfs/volumes: CreateVolumeFromCopy only set volume size from expanded config when source is image
• lxc/storage/drivers/driver/ceph/utils: Reworks parseParent to return a Volume struct
• lxd/storage/drivers/driver/ceph/utils: Adds tests for parseParent
• lxd/storage/drivers/driver/ceph/utils: Adds cephVolumeTypeZombieImage constant
• lxd/storage/drivers/driver/ceph/utils: Updates rbdCreateVolume to accept string size
• lxd/storage/drivers/driver/ceph/utils: Pass volume config in rbdMarkVolumeDeleted
• lxd/storage/drivers/driver/ceph/utils: Pass volume config in rbdRenameVolume
• lxd/storage/drivers/driver/ceph/utils: Replaces getRBDSize with volumeSize
• lxd/storage/drivers/driver/ceph/utils: Dont wrap lines
• lxd/storage/drivers/driver/ceph/utils: Updates usage of d.parseParent in deleteVolume
• lxd/storage/drivers/driver/ceph/utils: Updates RBD naming logic in getRBDVolumeName
• lxd/storage/drivers/driver/ceph/volumes: Ensures CreateVolumeFromCopy correctly sizes new volume
• lxd/storage/drivers/driver/ceph/volumes: If volume doesnt exist in DeleteVolume do nothing
• lxd/storage/drivers/driver/ceph/utils: Dont wrap lines
• lxd/db: Rename CertificatesGet to GetCertificates
• lxd/db: Rename CertificateGet to GetCertificate
• lxd/db: Rename CertSave to CreateCertificate
• lxd/db: Rename CertDelete to DeleteCertificate
• lxd/db: Rename CertUpdate to UpdateCertificate
• lxd/db: Drop unused ConfigValueSet
• lxd/instances/post: Fix revert in createFromBackup
• lxd/storage/drivers/volume: Adds allowUnsafeResize bool to Volume struct
• lxd/storage/backend/lxd: Adds cannot shrink error handling in CreateInstanceFromBackup
• lxd/storage/drivers/generic/vfs: Sets block volume size to file size of volume in tarball in genericVFSBackupUnpack
• lxd/storage/drivers/driver/btrfs/volumes: No need to move GPT header if no filler used in CreateVolume
• lxd/storage/drivers/driver/btrfs/volumes: Skip GPT header move in SetVolumeQuota when allowUnsafeResize is enabled
• lxd/storage/drivers/driver/dir/volumes: Skip GPT header move in SetVolumeQuota when allowUnsafeResize is enabled
• lxd/storage/drivers/driver/lvm/volumes: Allow unsafe shrinking when allowUnsafeResize is enabled
• lxd/storage/drivers/driver/zfs/volumes: Allow unsafe shrinking when allowUnsafeResize is enabled
• lxd/storage/drivers/driver/ceph/volumes: Allow unsafe shrinking when allowUnsafeResize is enabled
• lxd/db: Rename InstanceNames to GetInstanceNames
• lxd/db: Rename ContainerNodeAddress to GetNodeAddressOfInstance
• lxd/db: Rename ContainersListByNodeAddress to GetInstanceNamesByNodeAddress
• lxd/db: Rename ContainersByNodeName to GetInstanceToNodeMap
• lxd/db: Rename ContainerNodeMove to UpdateInstanceNode
• lxd/db: Rename ContainerNodeProjectList to GetLocalInstancesInProject
• lxd/db: Rename ContainerConfigInsert to CreateInstanceConfig
• lxd/db: Rename ContainerConfigUpdate to UpdateInstanceConfig
• lxd/db: Rename InstanceRemove to RemoveInstance
• lxd/db: Rename ContainerProjectAndName to GetInstanceProjectAndName
• lxd/db: Rename ContainerConfigClear to DeleteInstanceConfig
• lxd/db: Rename ContainerConfigGet to GetInstanceConfig
• lxd/db: Rename ContainerConfigRemove to DeleteInstanceConfigKey
• lxd/db: Rename ContainerSetStateful to UpdateInstanceStatefulFlag
• lxd/db: Rename ContainerProfilesInsert to AddProfilesToInstance
• lxd/db: Drop unused ContainerProfiles
• lxd/db: Drop unused ContainerConfig
• lxd/db: Remove unused ContainersNodeList
• lxd/db: Rename ContainersResetState to ResetInstancesPowerState
• lxd/db: Rename ContainerSetState to UpdateInstancePowerState
• lxd/db: Rename ContainerUpdate to UpdateInstance
• lxd/db: Rename InstanceSnapshotCreationUpdate to UpdateInstanceSnapshotCreationDate
• lxd/db: Rename ContainerLastUsedUpdate to UpdateInstanceLastUsedDate
• lxd/db: Rename ContainerGetSnapshots to GetInstanceSnapshotsNames
• lxd/db: Rename ContainerNextSnapshot to GetNextInstanceSnapshotIndex
• lxd/db: Rename InstancePool to GetInstancePool
• lxd/db: Rename ContainerBackupID to getInstanceBackupID
• Rename ContainerGetBackup to GetInstanceBackup
• lxd/db: Rename InstanceCreateBackup to CreateInstanceBackup
• lxd/db: Rename InstanceBackupRemove to DeleteInstanceBackup
• lxd/db: ContainerBackupRename to RenameInstanceBackup
• lxd/db: Rename ContainerBackupsGetExpired to GetExpiredInstanceBackups
• lxd/storage/drivers/utils: Updates roundVolumeBlockFileSizeBytes and ensureVolumeBlockFile to take size as bytes
• lxd/storage/drivers/generic/vfs: Updates genericVFSResizeBlockFile to accept size as bytes
• lxd/storage/drivers/driver/btrfs/utils: Adds volumeSize function
• lxd/storage/drivers/driver/btrfs/volumes: Updates CreateVolume to use volumeSize()
• lxd/storage/drivers/driver/btrfs/volumes: Updates SetVolumeQuota to be byte oriented internally
• lxd/storage/drivers/driver/ceph/utils: Updates volumeSize comment for consistency
• lxd/storage/drivers/driver/ceph/volumes: Updates CreateVolumeFromCopy to use volumeSize()
• lxd/storage/drivers/driver/ceph/volumes: Updates SetVolumeQuota to be byte oriented internally
• lxd/storage/drivers/driver/dir/utils: Adds volumeSize function
• lxd/storage/drivers/driver/dir/volumes: Updates CreateVolume to use volumeSize
• lxd/storage/drivers/driver/dir/volumes: Updates SetVolumeQuota to be byte oriented internally
• lxd/storage/drivers/driver/lvm/utils: Updates copyThinpoolVolume to use volumeSize()
• lxd/storage/drivers/driver/lvm/volumes: Updates SetVolumeQuota variables and comments
• lxd/storage/drivers/driver/zfs/utils: Adds volumeSize function
• lxd/storage/drivers/driver/zfs/volumes: Updates CreateVolume to use volumeSize()
• lxd/storage/drivers/driver/zfs/volumes: Updates CreateVolumeFromCopy to use volumeSize()
• lxd/storage/drivers/driver/zfs/volumes: Updates SetVolumeQuota to be byte oriented internally
• lxd/db: Rename DevicesAdd to AddDevicesToEntity
• lxd/storage/backend/lxd: Detect cached image filesystem changes for VM images too
• lxd/db: Remove unused Devices
• lxd/db: Rename ImagesGetLocal to GetLocalImages
• lxd/db: Rename ImagesGet to GetImages
• lxd/db: Rename ImagesGetExpired to GetExpiredImages
• lxd/db: Rename ImageSourceInsert to CreateImageSource
• lxd/db: Rename ImageSourceGet to GetImageSource
• lxd/db: Rename ImageGetFromAnyProject to GetImageFromAnyProject
• lxd/db: Rename ImageLocate to LocateImage
• lxd/db: Rename ImageDelete to DeleteImage
• lxd/db: Rename ImageAliasesGet GetImageAliases
• lxd/db: Rename ImageAliasGet to GetImageAlaias
• lxd/db: Rename ImageAliasRename to RenameImageAlias
• lxd/db: Rename ImageAliasDelete to DeleteImageAlias
• lxd/db: Rename ImageAliasesMove to MoveImageAlias
• lxd/db: Rename ImageAliasAdd to CreateImageAlias
• lxd/db: Rename ImageAliasUpdate to UpdateImageAlias
• lxd/db: Rename ImageCopyDefaultProfiles to CopyDefaultImageProfiles
• lxd/db: Rename ImageLastAccessUpdate to UpdateImageLastUseDate
• lxd/db: Rename ImageLastAccessInit to InitImageLastUseDate
• lxd/db: Rename ImageUpdate to UpdateImage
• lxd/db: Rename ImageInsert to CreateImage
• lxd/db: Rename ImageGetPools to GetPoolsWithImage
• lxd/db: Rename ImageGetPoolNamesFromIDs to GetPoolNamesFromIDs
• lxd/db: Rename ImageUploadedAt to UpdateImageUploadDate
• lxd/db: Rename ImagesGetOnCurrentNode to GetImagesOnLocalNode
• lxd/db: Rename ImagesGetByNodeID to GetImagesOnNode
• lxd/db: Replace ImageGetNodesWithImage with GetNodesWithImage
• lxd/db: Rename ImageGetNodesWithoutImage to GetNodesWithoutImage
• lxc/image: Actually refresh multiple images
• lxd/resources: Use permanent MAC when available
• lxd/qemu: Restrict NUMA layout to x86_64
• Consider all nodes when looking for the leader, not only voters
• Only attempt to transfer leadership if we are not standalone
• lxd/db: Rename NetworksNodeConfig to GetNetworksLocalConfig
• lxd/db: Rename NetworkIDsNotPending to GetNonPendingNetworkIDs
• lxd/db: Rename NetworkID to GetNetworkID
• lxd/db: Rename NetworkConfigAdd to CreateNetworkConfig
• lxd/db: Rename Networks to GetNetworks
• lxd/db: Rename NetworksNotPending to GetNonPendingNetworks
• lxd/db: Rename NetworksNotPending to GetNonNetworks
• lxd/db: Rename NetworkGetInterface to GetNetworkWithInterface
• lxd/db: Rename NetworkConfig to getNetworkConfig
• lxd/db: Rename NetworkCreate to CreateNetwork
• lxd/db: Rename NetworkUpdate to UpdateNetwork
• lxd/db: Rename NetworkConfigClear to clearNetworkConfig
• lxd/db: Rename NetworkDelete to DeleteNetwork
• lxd/db: Rename NetworkRename to RenameNetwork
• lxd/db: Rename NetworkNodeConfigKeys to NodeSpecificNetworkNodeConfig
• lxd/db: Rename ImageGet to GetImage
• lxd/db: Rename ImageAssociateNode to AddImageToLocalNode
• lxd/daemon: Detect nodev and improve errors
• lxd/db: Rename NodeByAddress to GetNodeByAddress
• lxd/db: Rename NodePendingByAddress to GetPendingNodeByAddress
• lxd/db: Rename NodeByName to GetNodeByName
• lxd/db: Rename NodeName to GetLocalNodeName
• lxd/db: Rename NodeAddress to GetLocalNodeAddress
• lxd/db: Rename Nodes to GetNodes
• lxd/db: Rename NodesCount to GetNodesCount
• lxd/db: Rename NodeRename to RenameNode
• lxd/db: Rename NodeAdd to CreateNode
• lxd/db: Rename NodeAddWithArch to CreateNodeWithArch
• lxd/db: Rename NodePending to SetNodePendingFlag
• lxd/db: Rename NodeUpdate to UpdateNode
• lxd/db: Rename NodeAddRole to CreateNodeRole
• lxd/db: Rename NodeRemoveRole to RemoveNodeRole
• lxd/db: Rename NodeUpdateRoles to UpdateNodeRoles
• lxd/db: Rename NodeRemove to RemoveNode
• lxd/db: Rename NodeHeartbeat to SetNodeHeartbeat
• lxd/db: Rename NodeOfflineThreshold to GetNodeOfflineThreshold
• lxd/db: Rename NodeClear to ClearNode
• lxd/db: Rename NodeWithLeastContainers to GetNodeWithLeastInstances
• lxd/db: Rename NodeUpdateVersion to SetNodeVersion
• lxd/db: Rename Operations to GetLocalOperations
• lxd/db: Rename OperationsUUIDs to GetLocalOperationsUUIDs
• lxd/db: Rename OperationNodes to GetNodesWithRunningOperations
• lxd/db: Rename OperationByUUID to GetOperationByUUID
• lxd/db: Rename OperationAdd to CreateOperation
• lxd/db: Rename OperationRemove to RemoveOperation
• lxd/db: Rename OperationFlush to removeNodeOperations
• lxd/db: Rename Patches to GetAppliedPatches
• lxd/db: Rename PatchesMarkApplied to MarkPatchAsApplied
• lxd/db: Rename Profiles to GetProfileNames
• lxd/db: Rename ProfileGet to GetProfile
• lxd/db: Rename ProfilesGet to GetProfiles
• lxd/db: Drop ProfileConfig
• lxd/db: Rename ProfileDescriptionUpdate to UpdateProfileDescription
• lxd/db: Rename ProfileConfigClear to ClearProfileConfig
• lxd/db: Rename ProfileConfigAdd to CreateProfileConfig
• lxd/db: Rename ProfileContainersGet to GetInstancesWithProfile
• lxd/db: Rename ProfileCleanupLeftover to RemoveUnreferencedProfiles
• lxd/db: Rename ProfilesExpandConfig to ExpandInstanceConfig
• lxd/db: Rename ProfilesExpandDevices to ExpandInstanceDevices
• lxd/storage/drivers/generic/vfs: Dont require access to block device when excluding root image file from rsync in genericVFSMigrateVolume
• lxd/storage/drivers/driver/zfs/volumes: Updates MigrateVolume to avoid need to premount snapshot volume
• test/suites/storage/volume/attach: Adds test for custom volume root perm persistence
• lxd/storage/drivers: Fixes custom volume root mount perm issue for BTRFS and DIR
• lxc/storage/drivers/volume: Removes keepDevice from Volume
• lxd/storage/drivers/driver/ceph/volumes: Removes keepDevice usage
• lxc/storage/drivers/driver/ceph/volumes: Mount changes
• lxd/storage/drivers/driver/ceph/volumes: UnmountVolume modifications
• lxd/storage/drivers/driver/ceph/volumes: Esnure permission on volume root set in CreateVolume
• lxd/resources: Skip NVME multipath entries
• lxd/db: Rename ProjectNames to GetProjectNames
• lxd/db: Rename ProjectMap to GetProjectIDsToNames
• lxd/db: Rename ProjectUpdate to UpdateProject
• lxd/db: Rename ProjectLaunchWithoutImages to InitProjectWithoutImages
• lxd/db: Rename RaftNodes to GetRaftNodes
• lxd/db: Rename RaftNodeAddresses to GetRaftNodeAddresses
• lxd/db: Rename RaftNodeAddress to GetRaftNodeAddress
• lxd/db: Rename RaftNodeFirst to CreateFirstRaftNode
• lxd/db: Rename RaftNodeAdd to CreateRaftNode
• lxd/db: Rename RaftNodeDelete to RemoveRaftNode
• lxd/db: Rename RaftNodesReplace to ReplaceRaftNodes
• lxd/db: Rename InstanceSnapshotConfigUpdate to UpdateInstanceSnapshotConfig
• lxd/db: Rename InstanceSnapshotID to GetInstanceSnapshotID
• lxd/db: Rename StoragePoolsNodeConfig to GetStoragePoolsLocalConfig
• lxd/db: Rename StoragePoolID to GetStoragePoolID
• lxd/db: Rename StoragePoolDriver to GetStoragePoolDriver
• lxd/db: Rename StoragePoolIDsNotPending to GetNonPendingStoragePoolsNamesToIDs
• lxd/db: Rename StoragePoolNodeJoin to UpdateStoragePoolAfterNodeJoin
• lxd/db: Rename StoragePoolConfigAdd to CreateStoragePoolConfig
• lxd/db: Rename StoragePoolNodeConfigs to GetStoragePoolNodeConfigs
• lxd/db: Rename StoragePools to GetStoragePoolNames
• lxd/db: Rename StoragePoolsNotPending to GetNonPendingStoragePoolNames
• lxd/db: Rename StoragePoolsGetDrivers to GetStoragePoolDrivers
• lxd/db: Rename StoragePoolGetID to GetStoragePoolID
• lxd/db: Rename StoragePoolGet to GetStoragePool
• lxd/db: Rename StoragePoolConfigGet to getStoragePoolConfig
• lxd/db: Rename StoragePoolCreate to CreateStoragePool
• lxd/db: Rename StoragePoolUpdate to UpdateStoragePool
• lxd/db: Rename StoragePoolConfigClear to clearStoragePoolConfig
• lxd/db: Rename StoragePoolDelete to RemoveStoragePool
• lxd/db: Rename StoragePoolVolumesGetNames to GetStoragePoolVolumesNames
• lxd/db: Rename StoragePoolVolumesGetAllByType to GetStoragePoolVolumesWithType
• lxd/db: Rename StoragePoolVolumesGet to GetStoragePoolVolumes
• lxd/db: Rename StoragePoolNodeVolumesGet to GetLocalStoragePoolVolumes
• lxd/db: Rename StoragePoolVolumeSnapshotsGetType to GetLocalStoragePoolVolumeSnapshotsWithType
• lxd/db: Rename StoragePoolNodeVolumesGetType to GetLocalStoragePoolVolumesWithType
• lxd/db: Rename StoragePoolNodeVolumeGetTypeByProject to GetLocalStoragePoolVolume
• lxd/db: Rename StoragePoolVolumeUpdateByProject to UpdateStoragePoolVolume
• lxd/db: Rename StoragePoolVolumeDelete to RemoveStoragePoolVolume
• lxd/db: Rename StoragePoolVolumeRename to RenameStoragePoolVolume
• lxd/db: Rename StoragePoolVolumeCreate to CreateStoragePoolVolume
• lxd/db: Rename StoragePoolNodeVolumeGetTypeIDByProject to GetStoragePoolNodeVolumeID
• lxd/db: Rename StoragePoolInsertZfsDriver to FillMissingStoragePoolDriver
• lxd/storage/zfs: Use TryUnmount
• ethtool: add ethtoolGset() helper
• Support two-phase creation of a storage pool on single-node cluster
• lxd/storage/drivers/driver/btrfs/utils: Adds setSubvolumeReadonlyProperty function
• lxd/storag/drivers/driver/btrfs/volumes: Removes readonly argument from snapshotSubvolume
• lxd/storage/drivers/driver/btrfs: d.setSubvolumeReadonlyProperty and d.snapshotSubvolume usage
• lxd/db: Rename StoragePoolVolumeGetType to GetStoragePoolVolume
• lxd/db: Rename StoragePoolVolumeSnapshotCreate to CreateStorageVolumeSnapshot
• lxd/db: Rename StoragePoolVolumeSnapshotUpdateByProject to UpdateStoragePoolVolumeSnapshot
• lxd/db: Rename StorageVolumeSnapshotExpiryGet to GetStorageVolumeSnapshotExpiry
• lxd/db: Rename StorageVolumeSnapshotsGetExpired to GetExpiredStorageVolumeSnapshots
• resources/ethtool: implement ETHTOOL_GLINKSETTINGS
• lxd/storage/drivers/driver/btrfs/utils: Adds getSubvolumesMetaData function
• lxd/storage/drivers/driver/btrfs/volumes: Maintain subvolume readonly state in snapshot
• lxd/storage/driversr/driver/btrfs/utils: Allow ro subvolumes to be deleted in deleteSubvolume
• lxd/storag/drivers/driver/btrfs/volumes: Updates MigrateVolume to send subvolumes
• lxd/storage/drivers/driver/btrfs/volumes: Fail backup when cleanup fails in BackupVolume
• lxd/storage/drivers/driver/btrfs/volumes: Better naming of variables in unpackVolume
• lxd/migration/migrate/proto: Adds BTRFS Features to offer header
• lxd/migration/utils: Adds GetBtrfsFeaturesSlice function
• lxd/migration/migration/volumes: Adds BTRFS feature support to TypesToHeader
• lxd/migration/migration/volumes: Adds BTRFS feature support to MatchTypes
• lxd/storage/drivers/driver/btrfs: Adds BTRFS features to MigrationTypes
• lxd/storage/memorypipe: Dont make ioutil.ReadAll panic on cancel
• lxd/storage/drivers/driver/btrfs/utils: Kill btrfs send on error in sendSubvolume
• lxd/storage/drivers/driver/btrfs/utils: Support subvolumes in receiveSubvolume
• lxd/storage/drivers/driver/btrfs/utils: Adds metadataHeader function
• lxd/storage/drivers/driver/btrfs/volumes: Updates CreateVolumeFromMigration to receive subvolumes
• lxd/db: Rename StorageVolumeNodeAddresses to GetStorageVolumeNodeAddresses
• lxd/db: Rename StorageVolumeDescriptionGet to GetStorageVolumeDescription
• lxd/db: Rename StorageVolumeNextSnapshot to GetNextStorageVolumeSnapshotIndex
• lxd/db: Rename StorageVolumeCleanupImages to RemoveStorageVolumeImages
• lxd/db: Rename StorageVolumeMoveToLVMThinPoolNameKey to UpgradeStorageVolumConfigToLVMThinPoolNameKey
• lxd/db: Update naming pattern for generated database code
• client/lxd_images: Fix backward compatibility
• lxd/storage/btrfs: Fix migration from snapshot
• shared/generate/db: Fix generation of Exists method
• lxd/db: Make generated code stable across "make update-schema" runs
• lxd/db: Leverage code-generation for certificates
• shared: Rewrite OpenPty without cgo
• openpty: use O_CLOEXEC directly
• openpty: use fchown()
• openpty: first unlock the master, then get a slave fd
• openpty: use TIOCGPTPEER if available
• lxd/storage/drivers/driver/lvm/utils: Adds lvmSnapshotSeparator constant and updates lvmFullVolumeName to use it
• lxd/storage/drivers/driver/lvm/utils: Adds lvmEscapedHyphen and updates lvmFullVolumeName usage
• lxd/storage/drivers/driver/lvm/utils: Adds parseLogicalVolumeSnapshot function
• lxd/storage/drivers/driver/lvm/utils: Adds tests for parseLogicalVolumeSnapshot
• lxd/storage/drivers/driver/lvm/volumes: Updates VolumeSnapshots to use parseLogicalVolumeSnapshot
• test: Adds tests for snapshot naming conflicts
• lxd/firewall/drivers: Fix nft syntax
• lxc/project: Fix remote handling
• tests: Fix bad project switch call
• lxd/seccomp: Fix profile conflict between projects
• lxd/storage/drivers/driver/lvm/utils: Adds activateVolume and deactivateVolume functions
• lxd/storage/drivers/driver/lvm/utils: Set --setactivationskip on in createLogicalVolume
• lxd/storage/drivers/driver/lvm/utils: Set --setactivationskip on in createLogicalVolumeSnapshot
• lxd/storage/drivers/driver/lvm/utils: Activate volume in copyThinpoolVolume when regeneration FS UUID
• lxd/storage/drivers/driver/lvm: Dont activate all volumes on pool mount
• lxd/storage/drivers/driver/lvm/volumes: Activate volume before generic copy in CreateVolumeFromCopy
• lxd/storage/drivers/driver/lvm/volumes: Activate volume in SetVolumeQuota
• lxd/storage/drivers/driver/lvm/volumes: Activate volume in MountVolume
• lxd/storage/drivers/driver/lvm/volumes: Deactivate volume in UnmountVolume
• lxd/storage/drivers/driver/lvm/volumes: Acticate volume before generic migrate in MigrateVolume
• lxd/storage/drivers/driver/lvm/volumes: Activate volume in MountVolumeSnapshot
• lxd/storage/drivers/driver/lvm/volumes: Deactivate volume in UnmountVolumeSnapshot
• lxd/storage/drivers/driver/lvm/volumes: Activate volume before FS UUID regen in RestoreVolume
• openpty: fix TIOCGPTPEER usage
• Make network address bind error fatal when clustered
• lxd/storage/drivers/driver/btrfs/utils: Renames metadatHeader to restorationHeader
• lxd/storage/drivers/driver/btrfs/volumes: d.restorationHeader usage
• lxd/storage/drivers/driver/btrfs/volumes: Clarifies comments in MigrateVolume
• lxd/storage/drivers/driver/btrfs/volumes: Adds safety net against failed matching of subvolumes
• lxd/storage/drivers/driver/btrfs/utils: Fix deleteSubvolume to support recursive delete with intermediate ro subvols
• lxd/storage/drivers/utils: Mark BTRFSSubVolumeMakeRo and BTRFSSubVolumeMakeRw deprecated
• lxd/storage/drivers/driver/btrfs/volumes: Updates RestoreVolume to restore subvolume ro property
• test: Adds BTRFS subvolume tests
• lxd/storage/memorypipe: Fixes issue with partial reads losing data
• lxd/storage/drivers/driver/btrfs/volumes: Restores subvolumes ro property in CreateVolumeFromCopy
• lxd/storage/drivers/driver/btrfs/utils: Adds marshal tags to BTRFSSubVolume and BTRFSMetaDataHeader
• lxd/device/nic/bridged: Updates github.com/mdlayher/netx/eui64
• fix IPVLAN docs
• lxd/cluster: Don't run a connection proxy when connecting with the Go dqlite client
• lxd/cluster: Extract dqlite network proxy logic to standalone function and support cancellation
• lxd/cluster: Use dqliteProxy in raftDial
• lxd/cluster: Use ReadClose() to gracefully stop the dqlite proxy
• lxd/device/device/utils/generic: Removes deviceNameEncode and deviceNameDecode
• lxd/storage/drivers/utils: Adds PathNameEncode and PathNameDecode
• lxd/device/device: PathNameEncode and PathNameDecode usage
• lxd/storage/drivers/driver/types: Adds OptimizedBackupHeader field to Info
• lxd/backup/backup: Adds OptimizedHeader field to Info struct
• lxd/backup: Updates backupWriteIndex to populate the OptimizedHeader field
• lxd/storage/drivers/driver/btrfs: Sets OptimizedBackupHeader to true in Info struct response
• lxd/storage/drivers/driver/btrfs/utils: Adds warning to BTRFSSubVolume and BTRFSMetaDataHeader about shared usage
• lxd/storage/drivers/driver/btrfs/volumes: Updates BackupVolume to add subvolumes to optimized backup file
• lxd/storage/drivers/interface: Update CreateVolumeFromBackup to pass srcBackup backup.Info
• lxd/storage/backend/lxd: Pass srcBackup in CreateInstanceFromBackup
• lxd/storage/drivers: CreateVolumeFromBackup srcBackup backup.Info usage
• lxd/backup/backup: Updates GetInfo to set optimizedHeaderFalse false if not present in yaml file
• lxd/storage/drivers/driver/btrfs/utils: Adds loadOptimizedBackupHeader
• lxd/storage/drivers/driver/btrfs/volumes: Updates CreateVolumeFromBackup to restore subvolumes using optimized header file
• lxd/storage/drivers/driver/btrfs/volumes: Simplifies parent volume logic in BackupVolume
• lxd/storage/drivers/driver/btrfs/volumes: Simplifies parent volume logic for MigrateVolume
• test: Adds BTRFS backup subvolume tests
• lxd/storage/drivers/driver/btrfs/utils: Removes receiveSubvolume
• lxd/storage/drivers/driver/btrfs/utils: Adds receiveSubVolume function
• lxd/storage/drivers/driver/btrfs/volumes: Updates CreateVolumeFromMigration to use receiveSubVolume
• lxd/resources/memory: Fix memory calculation
• lxd: Improve logging of shutdown errors
• lxd/instances/post: Delete restored instance on backup post hook failure
• Fix 'how to mount home directory' shiftfs FAQ
• shared: build fs_{32,64}bit.go on mips*
• lxd/util: build fs_{32,64}bit.go on mips*
• lxd/rsync: Adds optional rsync arguments to LocalCopy
• lxd/storage/utils: Fixes ImageUnpack to not erase generated rootfs block file when doing rsync
• ethtool: don't report -1 for speed in ethtoolLink()
• lxd/storage/quota/projectquota: Fixes leaking file handles in quota_set_path and quota_get_path
• lxd/storage/quota/projectquota: Adds inherit argument to quota_set_path
• lxd/storage/quota/projectquota: Updates SetProject to recursively set project and support non-directory files
• lxd/storage/drivers/driver/dir/utils: Updates deleteQuota to use DeleteProject
• lxd/storage/drivers/driver/dir/volumes: Adds quota revert in CreateVolumeFromBackup post hook
• Always skip offline servers when rebalancing
• When demoting a voter to spare, transition to stand-by first
• test/clustering: Make sure that a killed voter can't dsirupt current leader
• lxd/cluster: Use a dedicated channel to stop the dqlite proxy
• lxd: Call Deamon.Kill() also when receiving signals (so db transactions won't be retried)
• lxd/db: Add Cluster.Kill() method to prevent retrying upon shutdown
• lxd/firewall/drivers/driver/nftables/templates: Fixes proxy nat rule dynamic family
• shared/util_linux.go: cast Rdev uint64 for mips
• lxd/storage/quota/projectquota.go: cast Rdev uint64 for mips
• lxd/device/device_utils_unix.go: cast Rdev uint64 for mips
• lxd/device/gpu.go: cast Rdev uint64 for mips
• shared: Reimplement GetPollRevents without cgo
• lxd-agent: Build statically
• Drop gccgo
• lxd-p2c: Drop cgo
• shared/ucred: Cleanup package
• lxd/api: Don't strip double slashes
• lxd/operations: Improve error message when database insertion fails
• lxd/db: Change UpdateCertificate to RenameCertificate (only renaming supported)
• lxd/db: Rename containers.go to instances.go
• shared/generate/db: Statement for deleting references (config and devices)
• lxd/db: Generate delete stements for profile config and devices
• shared/generate/db: update statement: take ID instead of natural key
• shared/generate/db: Handle config and devices in Update method
• lxd/db: Generate Update method for profiles
• lxd: Plug new UpdateProfile() db method into doProfileUpdate
• lxd: Plug new UpdateProfile() db method into updatePoolPropertyForAllObjects
• lxd/db: Generate delete statements for instance config, devices and profiles
• lxd/db: Generate UpdateInstance method
• lxd/instance: Plug the new UpdateInstance method and replace legacy logic
• lxd/db: Drop AddDevicesToEntity
• lxd/storage/drivers/driver/common: Logging quoting consistency
• lxd/storage/drivers: Adds storage_lvm_skipactivation patch
• test: Drive-by fix for flaky clustering rebalance test
• Recommend to increase the value of aio-max-nr for production use
• lxd/firewall/firewall/interface: Change definition of Compat() to return compat issue error
• lxd/firewall/drivers/driver/nftables: Updates Compat() to return compat issues as error
• lxd/firewall/drivers/drivers/xtables: Updates Compat() to return compat issues as error
• shared/simplestreams: Support uefi1.img
• lxd/firewall/firewall/load: Updates driver detection to warn when falling back to non-compatible xtables
• lxd/storage/pools: Improves delete pool error info
• instance_exec: don't panic
• lxd/qemu: Handle quoted raw.qemu
• lxd/main_forkproxy: Reduce logging
• lxd/networks: Warn on small IPv6 subnets
• lxd/network: Force DHCP custom gateway
• lxc/list: Add disk and memory columns
• i18n: Update translation template
• lxd/storage/drivers: Make sure tar reader context is cancelled before defer
• lxc/list: Fix test
• shared/archive: Wraps cancelFunc to wait until unpacker process has finished in CompressedTarReader
• lxd/cluster: Transfer leadership before adjusting roles, not after
• lxd/cluster: Add time skew detection
• test: Wait a few more seconds for the rebalance to happen
• lxd/daemon.go: Don't try to rebalance after shutdown sequence has started
• lxd/cluster: Don't try to rebalance a standalone node
• lxc/ucred: Simplify logic
• lxd/qemu: Cleanup arch checks
• lxd/qemu: Add s390x support
• lxd/api: Fail /internal/ready requests made after shutdown has started
• lxc/config: Add -e shorthand
• forkfile: port to using pidfds
• forkmount: port to using pidfds
• forkproxy: port to using pidfds
• syscall_numbers: update
• forknet: port to pidfds
• forkuevent: port to pidfds
• forksyscall: port to pidfds
• daemon: record "pidfd" extension
• lxd/storage/lvm: Correct bad VG name in patch
• shared/subprocess: Better handle slow systems
• tests: Don't assume bridge MTU can be forced up
• fork*: add "--" to not misinterpret negative integers as flags
• lxd/storage/utils: Removes unused name arg from VolumeFillDefault
• lxd/instance/drivers: storagePools.VolumeFillDefault usage
• lxd/patches: driver.VolumeFillDefault usage
• lxd/storage/utils: VolumeFillDefault usage
• lxd/storage/utils: Updates VolumeValidateConfig to require volume type
• lxd/storage/utils: Adds VolumeDBTypeToType function
• lxd/storage/utils: Updates VolumeDBCreate to pass volume type
• lxd/storage/drivers/utils: Updates ensureVolumeBlockFile to reject unsafe volume shrinking
• lxd/storage/drivers/geneirc/vfs: Removes genericVFSResizeBlockFile
• lxd/storage/drivers: ensureVolumeBlockFile usage
• lxd/storage/drivers/volume: Adds SetQuota function
• lxd/storage/drivers/volume: Adds config functions
• lxd/storage/drivers/driver/lvm/utils: Removes functions moved into Volume struct
• lxd/storage/drivers/driver/lvm/utils: Usage of volume config functions
• lxd/storage/drivers/driver/lvm/volumes: Volume config function usage
• lxd/storage/drivers: Replace volumeSize() with vol.ConfigSize()
• forknet: add missing "--" to forknet invocation on detach
• process_utils: remove a bunch of unused functions
• lxd: Make use of ExitCode
• share/subprocess: Reduce sleep back to 5
• lxd/instances/lxc: Fix calls to forknet
• forkmount: prevent interpreting negative numbers as flags
• shared/subprocess: Ensure monitor routine exits
• shared/subprocess: Properly reset state
• tests: Fix btrfs test on non-shiftfs
• tests: Old kernels don't let you rmdir btrfs
• lxd/db: Use query.SelectString helper in GetLocalImages()
• lxd/db: Use query.SelectString helper in GetImagesFingerprints()
• shared/generate/db: Support int64 fields
• lxd/db: Initial code generation for images (without references)
• lxd/db: Use the generated GetImages code to implement GetExpiredImages
• lxd/db: Use query.SelectObjects helper in GetImageSource
• lxd/db: Use query.SelectStrings helper in ImageSourceGetCachedFingerprint
• lxd/db: Use query.Count helper in ImageExists
• lxd/db: Use query.Count helper in ImageIsReferencedByOtherProjects
• lxd/db: Use query.UpsertObject helper in CreateImageSource
• lxd/cluster: Drive-by fix for flaky rebalance test
• lxd/db: Usage query.DeleteObject to implement DeleteImage
• lxd/db: Use query.SelectStrings to implement GetImageAliases
• lxd/db: Use a single transaction in GetImageAlias
• lxd/db: Use a single transaction in DeleteImageAlias
• lxd/db: Use single transaction in CreateImageAlias
• lxd/db: Usage single transaction in CreateImage
• lxd/db: Use query.SelectIntegers helper in GetPoolsWithImage
• lxd/db: Use a single transaction in GetPoolNamesFromIDs
• lxd/db: Use explicit transaction in GetInstanceProjectAndName
• lxd/db: Drop unused DeleteInstanceConfig
• shared/subprocess: Fix Stop handling
• lxd/storage/utils: Updates ImageUnpack to detect too small volume for qcow2 image and increase size before unpack
• lxd/storage/utils: Adds checks to ImageUnpack before enlarging volume
• lxd/storage/drivers/driver/types: Updates VolumeFiller Fill function to take a Volume
• lxd/storage: Updates volume filler usage to supply Volume rather than mount path
• lxd/storage/drivers/volume: Adds ConfigSizeFromSource function
• lxd/storage/drivers/driver/lvm/utils: Updates copyThinpoolVolume to only use vol.config["size"] for resizing
• lxd/storage/drivers/driver/lvm/utils: Updates Volume type in createLogicalVolumeSnapshot definition
• lxd/storage/drivers/driver/common: Adds runFiller function
• lxd/storage/backend/lxd: Updates imageFiller to return volume size
• lxd/storage/backend/lxd: Updates CreateInstanceFromImage to load image vol DB record
• lxd/storage/backend/lxd: Updates EnsureImage to record volatile.rootfs.size for block images
• lxd/storage/drivers/driver/types: Updates VolumeFiller definition to store size
• lxd/storage/utils: Validates volatile.rootfs.size key for image volumes in validateVolumeCommonRules
• lxd/storage/utils: Updates ImageUnpack to return image virtual size
• lxd/storage/drivers/driver/btrfs/volumes: d.runFiller usage
• lxd/storage/drivers/driver/ceph/volumes: d.runFiller usage
• lxd/storage/drivers/driver/cephfs/volumes: d.runFiller usage
• lxd/storage/drivers/driver/dir/volumes: d.runFiller usage
• lxd/storage/drivers/driver/lvm/volumes: d.runFiller usage
• lxd/storage/drivers/driver/zfs/volumes: d.runFiller usage
• lxd/storage/drivers/volume: Adds SetConfigSize function
• lxd/storage/backend/lxd: Updates CreateInstanceFromImage to use vol.ConfigSizeFromSource to dervice volume size
• lxd/storage/drivers: Updates CreateVolumeFromCopy to only use vol.config["size"] for resizing
• lxd: Reduce number of transactions in containerPostClusteringMigrate
• lxd/db: Use query.SelectStrings helper in LegacyContainersList
• lxd/db: Rename dbDeviceTypeToString to deviceTypeToString
• lxd/storage/drivers/utils: ensureVolumeBlockFile comment clarification
• lxd/storage/drivers/utils: Renames BlockDevSizeBytes to BlockDiskSizeBytes
• lxd/storage/utils: drivers.BlockDiskSizeBytes usage
• lxd/storage/utils: Simplifies InstanceDiskBlockSize with drivers.BlockDiskSizeBytes usage
• lxd/storage/drivers/generic/vfs: Simplifies genericVFSBackupVolume with drivers.BlockDiskSizeBytes usage
• lxd/storage/backend/lxd: Whitespace in CreateInstanceFromBackup
• lxd/storage/drivers/driver/ceph/volumes: BlockDiskSizeBytes usage in SetQuota
• lxd/storage/drivers: Updates dir and btrfs to support filler volume enlargement
• lxd/db: Group ClusterTx instance methods together
• lxd/db: Rename AddProfilesToInstance to addProfilesToInstance
• lxd/db: Move instance backup methods to backups.go
• lxd/db: Rename InstanceBackupArgs to InstanceBackup
• lxd/db: Remove unused profile functions
• lxd/db: Move storage volumes methods to storage_volumes.go
• lxd/storage/drivers/volume/test: Adds tests for Volume.ConfigSizeFromSource()
• forkuevent: fix slice allocation
• unix-hotplug: fix uevent injection
• lxd/db: Use auto-generated GetImages() to implement GetImage()
• lxd/db: Use auto-generated GetImages to implement GetImageFromAnyProject
• lxd/db: Group ClusterTx image methods together
• lxd/db: Rename ImageSourceGetCachedFingerprint to GetCachedImageSourceFingerprint
• lxd/images: Set CreatedAt on publish
• lxd: New command line option to trace SQL statements
• lxd/firewall/drivers/drivers/xtables: Updates iptablesInUse to kill process once first rule found
• lxd/backup: Fixes hang in backupCreate when invalid compression argument supplied
• lxd/storage/utils: Removes duplicated qemu-img call in ImageUnpack
• lxd/storage/utils: Switch to qemu-img dd mode in ImageUnpack
• lxd/storage/drivers/utils: Exports MinBlockBoundary
• lxd/storage/drivers: MinBlockBoundary usage
• lxd/resources: Handle missing cache size/type
• Update documentation with backup compression
• lxd/rbac: New notification API
• lxd/firewall/nft: Enhance support detection
• Fix regression in GetImageFromAnyProject
• doc/security: Adds notes about IPv6 router advertisement security
• lxd/device/nic: Changes nicValidationRules to properly validation vlan
• lxd/device/nic/bridged: Adds revert for veth pair cleanup on error
• lxd/firewall/drivers/drivers/xtables: Drops tagged vlan frames when using IP filtering
• lxd/firewall/drivers/drivers/nftables: Drops tagged vlan frames when using IP filtering
• lxd/network/network/utils: Improve comments on ovs switch attach/detach
• lxd/network/network/utils: Improves arg name in network attach/detach functions
• lxd/device/bic/bridged: Fixes openvswitch port leak when device is stopped
• lxd/network/utils: Adds IsNativeBridge function
• lxd/maas: Fix support for multiple subnets
• lxd/maas: Support projects
• lxd/dnsmasq: Add project suffix
• Remove incorrect statement about supported network devices with virtual machines According documentation supported types with virtual machines are physical, bridged, macvlan, p2p, sriov
• lxd/rbac: Fix auth for non-RBAC trusted clients
• global: Add riscv64 to build tags
• Stop using Driver.SetContextTimeout() which is a no-op
• use the coreos fork of boltdb since the original is archived/abandoned
• lxd/device/device/utils/network: Adds networkValidVLAN and networkValidVLANList functions
• lxd/device/device/utils/network: Allow VLAN ID 0 in networkValidVLAN
• lxd/instance/drivers/driver/lxc: Adds debug logging to deviceStop
• lxd/instance/drivers/driver/lxc: Adds driver revert on failed start in startCommon
• lxd/instance/drivers/driver/qemu: Adds debug logging to deviceStop
• lxd/instance/drivers/driver/qemu: Simplifies failed start device cleanup in Start
• lxd/storage/drivers/driver/ceph/utils: Removes getRBDFilesystem
• lxd/storage/drivers/driver/ceph: Replaces use of d.getRBDFilesystem with vol.ConfigBlockFilesystem
• lxd/storage/drivers/volume: Adds ConfigBlockMountOptions function
• lxd/storage/drivers/driver/ceph/utils: Removes getRBDMountOptions in place of vol.ConfigBlockMountOptions()
• lxd/storage/drivers/driver/lvm/utils: Removes volumeMountOptions in place of vol.ConfigBlockMountOptions()
• lxd/storage/drivers: Replaces driver specific mount options resolution with vol.ConfigBlockMountOptions()
• shared/api: Extend NetworkState for bridge/bond
• lxd/rbac: Don't close body when missing
• doc/storage: Cover host/disk/loop setups
• lxd/init: Tweak default loop sizing
• lxd/vm: Rename some functions
• client: Expand snap path in ConnectLXDUnix
• client: Fix ConnectLXDUnix regression
• lxd/vm: Fix PCIe slot for physical/sriov nic
• lxd/vm: Add virtio-vga card
• lxd/vm: Add spice channel
• lxd/instance/drivers/driver/qemu: Integrates built in GPU device PCI range with future passthrough GPU devices
• lxd/instance/drivers/driver/qemu/templates: Updates built in GPU device to use GPU address range prefix
• lxd/vm: Move to separate devices
• lxd/vm: Remove tiny wrapper functions
• lxd/vm: Per-architecture bus type
• add type to specify the instance type on creation Signed-off-by: Salem Yaslem s@sy.sa
• lxd/vm: Centralize port generation
• lxd/device: Sort nic devices ahead of others
• lxd/device/device/utils/generic: Adds PCI management functions for overriding driver
• lxd/device/device/utils/network: Removes network specific PCI bind/unbind functions
• lxd/device/nic/physical: Updates to use generic PCI management functions
• lxd/device/nic/sriov: Updates to use generic PCI management functions
• lxd/vm: Separate template keys in global/local
• lxd/vm: Use virtio-gpu-pci on non-x86
• lxd/vm: Rename qemuVGA to qemuGPU
• lxd/vm: Add virtio-input keyboard/mouse
• lxd/vm: Move bus allocator to own file
• lxc/volume: Fix typo in help message
• lxc/snapshot: Allow using snapshot delimiter
• doc/instances: Updates GPU device docs to show VM support
• lxd/device/gpu: Updates validation for VM support
• lxd/device/config/device/runconfig: Adds GPU field to RunConfig
• lxd/device/device/utils/generic: pciDeviceDriverOverride only check for driver binding if specified
• lxd/device/gpu: Adds VM GPU passthrough support
• lxd/instance/drivers/driver/qemu/templates: Consistent naming and casing for net dev templates
• lxd/instance/drivers/driver/qemu: Consistent net dev naming usage
• lxd/instance/drivers/driver/qemu/templates: Adds qemuGPUDevPhysical template
• lxd/instance/drivers/driver/qemu: Adds GPU passthrough support
• lxd/instance/drivers/driver/qemu/bus: Adds comments, clarifies var names, and constants for defined multi-function groups
• lxd/instance/drivers/driver/qemu: Switches to multi-function group constants and adds comments
• lxd/instance/drivers/qmp/monitor: Allow serial char device name to be passed in
• lxd/instance/drivers/driver/qemu: Defines qemuSerialChardevName to share with qemu and qmp
• lxd/instance/drivers/driver/qemu: qemuSerialChardevName usage
• lxd/instance/drivers/driver/qemu/templates: Add serial chardev name injection
• lxd/storage/quota/projectquota: Only set quota on directories and regular files
• lxd/db: Automatically strip ?project=default
• lxc/action: Properly handle --all with remotes
• lxd/projects: Properly clear empty keys
• lxd/db: Add missing feature to default project
• lxd/instance/drivers/driver/qemu: Pass-through GPU VGA mode status from host
• i18n: Update translation templates
• lxd/storage/drivers/driver/zfs/volumes: Remove snapshot when migrating as main volume
• lxd/cluster/heartbeat: Fix race in HeartbeatNode
• lxc/console: Split Console to own function
• lxc/start: Allow direct console attach
• i18n: Update translation templates
• lxd/instance/drivers/driver/qemu: Only enable GPU vga mode on x86_64 systems
• lxd/resources: Fix golint warning
• doc/api-extensions: Fix escaping
• api: resource_cpu_isolated
• lxd/resources: Add Isolated property
• lxd/resources: Don't use shared
• lxd/devices: Use resources for cpuset parsing
• lxc: Don't over-escape URLs
• lxd: Don't over-escape URLs
• lxd/db/storage: Rework UsedBy for pools
• lxd/instance/drivers/driver/qemu: Adds trans=virtio to 9p mounts
• lxc/action: Also add --console to restart
• lxd/resources/net: More flexible PCI detection
• lxc/query: Add path check
• i18n: Update translation templates
• tests: Fix bad lxc query call
• lxd/storage-pools: Tweak UsedBy URLs
• lxd/db: Tweak joins
• lxd/db: Fix UsedBy on projects
• lxd/storage_volumes: Fix UsedBy
• api: usedby_consistency
• lxd-agent/main/agent: Fix 9p mount when relative target path is supplied
• test: Updates udhcpd args to ensure process quits one lease acquired
• util_linux: update terminology
• lxd/networks: Reports profiles in UsedBy
• lxd: Fix snapshot index retrieval
• lxd/backups: Use backups dir for unpack
• lxd/vm: Add udev rule fallback
• lxd/images: Set arch names when downloading
• lxd: More flexible compression algorithms
• tests: Add test for compression options
• doc/rest-api: Rename rootfs to root
• doc/rest-api: Fix instance PATCH example
• lxd: Fix building with clang
• lxd/db: Add missing criteria for querying a specific public image
• lxd/db: Add the Errored storage state when rendering the Status field
• lxd/cluster: If raft node 1 gets remove during recovery, add it back
• lxd/db: Make GetNework() return an error if the network is pending
• lxd/db: Rename NetworkCreatePending to CreatePendingNetwork
• lxd/db: Make GetStoragePool() return an error if the pool is pending
• lxd/db: Rename StoragePoolCreatePending to CreatePendingStoragePool
• lxd/firewall: Filter unwanted ethernet frame types when IP filtering is enabled
• lxd/storage/drivers: Bump VM fs size to 100MB
• lxd/db: Fix UsedBy for profiles on storage pools
• lxd/storage: Use Truncate to create/grow VM files
• lxd/db: Consider personalities in GetNodeWithLeastInstances
• lxd/db: Avoid test failure in arch matching

試用環境 ¶

この新しい LXD リリースは私たちの デモサービス で利用できます。

ダウンロード ¶

このリリースの tarball は ダウンロードページ から取得できます。

ビルド済みバイナリーは次のように使えます:

• Linux: snap install lxd
• MacOS: brew install lxc
• Windows: choco install lxc

LXD 4.2 リリースのお知らせ¶

5th of June 2020

はじめに ¶

LXD チームは、LXD 4.2 のリリースをお知らせすることにとてもワクワクしています！

このリリースでは、完全に新しい機能の導入と、多数のバックグラウンドの安定性の向上と速度の改良を行っています。

このリリースでのネットワークの改良は、プロジェクトごとの仮想ネットワークを OVN を使って実装するという最終的なゴールへ向かって設定した作業の始まりを示しています。この一環として、既存の OVS の扱いをいくつか修正し、VLAN フィルタリングと設定レポートをいくつか LXD に追加しました。

データベースやクラスタリングロジックの改良、問題の修正、テストカバレッジの改良、パフォーマンスの改善にもかなりの努力が払われています。

最後の注目点はセキュリティです。我々がここ数ヶ月〜数年の間に行ってきたアップストリームのカーネルでの作業から利益が得られるようになっています。このような機能を使って競合状態を避けながら、全体的に LXD をスピードアップしています。

Enjoy!

新機能とハイライト ¶

ブリッジでの VLAN フィルタリング ¶

物理的なネットワークスイッチに精通している人は、ポートやボンディングにタグなしやタグ付きの VLAN を設定するのに慣れているでしょう。Linux のソフトウェアスイッチでも、タグなし VLAN のポートごとの選択や、タグ付き VLAN のリストを全く同じように扱えます。

今回のリリースで、LXD はネイティブな Linux のブリッジと OVS の両方をサポートするようになりました。

ブリッジされた nic での vlan と vlan.tagged 設定キーを通して実装されます。vlan プロパティはタグなし VLAN を制御します。一方で、vlan.tagged は通過させるカンマ区切りのタグ付き VLAN のリストです。

ネットワーク状態情報の拡張 ¶

/1.0/networks/NAME/state API エンドポイントが拡張され、ボンディングとブリッジ固有の詳細が表示できるようになりました。これにより、LXD ホストをリモートから調査するのが容易になりました。特にクラスターの場合に役に立ちます。

ボンディングの詳細は次のように見えます:

stgraber@castiana:~$ lxc query /1.0/networks/bond0/state | jq .bond
{
  "down_delay": 500,
  "lower_devices": [
    "dum0",
    "dum1"
  ],
  "mii_frequency": 100,
  "mii_state": "up",
  "mode": "balance-rr",
  "transmit_policy": "layer2",
  "up_delay": 100
}

ブリッジの詳細は次のように見えます:

stgraber@castiana:~$ lxc query /1.0/networks/lxdbr0/state | jq .bridge
{
  "forward_delay": 1500,
  "id": "8000.06099e00b912",
  "stp": false,
  "upper_devices": [
    "tap1053b4fd",
    "tapef45d46d",
    "veth1651f83f",
    "veth8eb3fb1a"
  ],
  "vlan_default": 1,
  "vlan_filtering": true
}

カスタムの検索ドメインのサポート ¶

新たにネットワークで domain.search 設定キーが設定でき、これを使ってインスタンスに広告する検索のためのドメインのリストをカンマ区切りで設定するために使えます。

ネットワークリストの新たな IPv4 と IPv6 カラム ¶

lxc network list のデフォルト出力で新たに IPv4 と IPv6 のサブネットを表示するようになりました。 ネットワークを識別するのがかなり簡単になりました。

stgraber@castiana:~$ lxc network list
+--------+----------+---------+----------------+---------------------------+-------------+---------+
|  NAME  |   TYPE   | MANAGED |      IPV4      |           IPV6            | DESCRIPTION | USED BY |
+--------+----------+---------+----------------+---------------------------+-------------+---------+
| bond0  | bond     | NO      |                |                           |             | 0       |
+--------+----------+---------+----------------+---------------------------+-------------+---------+
| eth0   | physical | NO      |                |                           |             | 0       |
+--------+----------+---------+----------------+---------------------------+-------------+---------+
| eth1   | physical | NO      |                |                           |             | 0       |
+--------+----------+---------+----------------+---------------------------+-------------+---------+
| lxdbr0 | bridge   | YES     | 10.166.11.1/24 | fd42:4c81:5770:1eaf::1/64 |             | 16      |
+--------+----------+---------+----------------+---------------------------+-------------+---------+
| wlan0  | physical | NO      |                |                           |             | 0       |
+--------+----------+---------+----------------+---------------------------+-------------+---------+

コンテナで mips と riscv64 の VM で s390x のサポート ¶

色々な MIPS バリアントのサポートが追加され、LXD で MIPS システムをビルドして実行できるようになりました。

RISC-V 64bit のサポートも追加され、コンテナで動作することを確認しました。

ubuntu@riscv64:~$ lxc list -cns46ta
+------+---------+----------------------+-----------------------------------------------+-----------+--------------+
| NAME |  STATE  |         IPV4         |                     IPV6                      |   TYPE    | ARCHITECTURE |
+------+---------+----------------------+-----------------------------------------------+-----------+--------------+
| b1   | RUNNING | 10.108.12.160 (eth0) | fd42:5832:5781:1eaf:216:3eff:fedd:884d (eth0) | CONTAINER | riscv64      |
+------+---------+----------------------+-----------------------------------------------+-----------+--------------+

両方とも、事実上イメージが存在しないので、今の所は Busybox を使うしかありません。

VM 側では、s390x 仮想マシンのサポートを追加しました。

すべてのコンテナのサブプロセスで pidfd を使用 ¶

LXD はコンテナ由来の PID を受け取るサブプロセスを頻繁に生成します。 これは状況次第では競合状態になる可能性があります。プロセスが終了し、我々がそれを検知する前に PID がリサイクルされる可能性があり、偶然間違った相手とやりとりしてしまう可能性があります。

Linux カーネルの pidfd に関する @brauner 氏の作業はこれを修正することを目的としています。LXD と LXC は PID を渡すのではなく、可能な限りファイルディスクリプタを特定のプロセスに渡すようにしています。

LVM ボリュームは必要なときのみアクティブに ¶

LVM はインスタンスが実行されていない限り、LV を非アクティブに保つことにより、ZFS や CEPH と同じように動作します。これにより /dev が乱雑さが減少し、小さなパフォーマンスの向上につながる可能性があります。

DB クエリのトレースサポート ¶

LXD のデータベースクエリをデバッグするために、新たに trace オプションが追加されました。 デーモンを --debug --trace database オプション付きで起動すると、すべての SQL クエリがログに記録されます。

より良いクラスターライフサイクルの扱い ¶

最近、外部の dqlite/raft/libco プロジェクトに対する自動テストを拡張し、他のダウンストリームユーザーが発見した多数の問題を修正し、LXD のロジックの一部をアップストリームのコードベースに移動しました。

LXD のクラスタリングテストは、リーダーシップの変更、ノードの再起動、デグレードのセットアップのより多くのケースをテストするために拡張されました。

クラスター化された環境でよくある問題の原因は時間のズレ（Time skew）です。数秒以上ずれると、スケジュールされたタスクやイベントなどで大混乱が引き起こされる可能性があります。これを解決するために、LXD は時間のズレを検出する方法として内部的なハートビートを使います。そして検出されたり解決された場合にログに警告を出力するようになりました。

データベース関数のクリーンアップ ¶

データベースの面では、データベースロジックのより多くがコードジェネレーターに移動され、コードを書く際にミスをするリスクを制限しています。その結果、多数の関数が非推奨となり、コードパスの一部が単一のトランザクション内で実行されるように最適化されました。

すべての変更点（翻訳なし）¶

Here is a complete list of all changes in this release:

• shared/generate/db: Fix generation of Exists method
• lxd/db: Make generated code stable across "make update-schema" runs
• lxd/db: Leverage code-generation for certificates
• shared: Rewrite OpenPty without cgo
• openpty: use O_CLOEXEC directly
• openpty: use fchown()
• openpty: first unlock the master, then get a slave fd
• openpty: use TIOCGPTPEER if available
• lxd/storage/drivers/driver/lvm/utils: Adds lvmSnapshotSeparator constant and updates lvmFullVolumeName to use it
• lxd/storage/drivers/driver/lvm/utils: Adds lvmEscapedHyphen and updates lvmFullVolumeName usage
• lxd/storage/drivers/driver/lvm/utils: Adds parseLogicalVolumeSnapshot function
• lxd/storage/drivers/driver/lvm/utils: Adds tests for parseLogicalVolumeSnapshot
• lxd/storage/drivers/driver/lvm/volumes: Updates VolumeSnapshots to use parseLogicalVolumeSnapshot
• test: Adds tests for snapshot naming conflicts
• lxd/firewall/drivers: Fix nft syntax
• lxc/project: Fix remote handling
• tests: Fix bad project switch call
• lxd/seccomp: Fix profile conflict between projects
• lxd/storage/drivers/driver/lvm/utils: Adds activateVolume and deactivateVolume functions
• lxd/storage/drivers/driver/lvm/utils: Set --setactivationskip on in createLogicalVolume
• lxd/storage/drivers/driver/lvm/utils: Set --setactivationskip on in createLogicalVolumeSnapshot
• lxd/storage/drivers/driver/lvm/utils: Activate volume in copyThinpoolVolume when regeneration FS UUID
• lxd/storage/drivers/driver/lvm: Dont activate all volumes on pool mount
• lxd/storage/drivers/driver/lvm/volumes: Activate volume before generic copy in CreateVolumeFromCopy
• lxd/storage/drivers/driver/lvm/volumes: Activate volume in SetVolumeQuota
• lxd/storage/drivers/driver/lvm/volumes: Activate volume in MountVolume
• lxd/storage/drivers/driver/lvm/volumes: Deactivate volume in UnmountVolume
• lxd/storage/drivers/driver/lvm/volumes: Acticate volume before generic migrate in MigrateVolume
• lxd/storage/drivers/driver/lvm/volumes: Activate volume in MountVolumeSnapshot
• lxd/storage/drivers/driver/lvm/volumes: Deactivate volume in UnmountVolumeSnapshot
• lxd/storage/drivers/driver/lvm/volumes: Activate volume before FS UUID regen in RestoreVolume
• openpty: fix TIOCGPTPEER usage
• Make network address bind error fatal when clustered
• lxd/storage/drivers/driver/btrfs/utils: Renames metadatHeader to restorationHeader
• lxd/storage/drivers/driver/btrfs/volumes: d.restorationHeader usage
• lxd/storage/drivers/driver/btrfs/volumes: Clarifies comments in MigrateVolume
• lxd/storage/drivers/driver/btrfs/volumes: Adds safety net against failed matching of subvolumes
• lxd/storage/drivers/driver/btrfs/utils: Fix deleteSubvolume to support recursive delete with intermediate ro subvols
• lxd/storage/drivers/utils: Mark BTRFSSubVolumeMakeRo and BTRFSSubVolumeMakeRw deprecated
• lxd/storage/drivers/driver/btrfs/volumes: Updates RestoreVolume to restore subvolume ro property
• test: Adds BTRFS subvolume tests
• lxd/storage/memorypipe: Fixes issue with partial reads losing data
• lxd/storage/drivers/driver/btrfs/volumes: Restores subvolumes ro property in CreateVolumeFromCopy
• lxd/storage/drivers/driver/btrfs/utils: Adds marshal tags to BTRFSSubVolume and BTRFSMetaDataHeader
• lxd/device/nic/bridged: Updates github.com/mdlayher/netx/eui64
• fix IPVLAN docs
• lxd/cluster: Don't run a connection proxy when connecting with the Go dqlite client
• lxd/cluster: Extract dqlite network proxy logic to standalone function and support cancellation
• lxd/cluster: Use dqliteProxy in raftDial
• lxd/cluster: Use ReadClose() to gracefully stop the dqlite proxy
• lxd/device/device/utils/generic: Removes deviceNameEncode and deviceNameDecode
• lxd/storage/drivers/utils: Adds PathNameEncode and PathNameDecode
• lxd/device/device: PathNameEncode and PathNameDecode usage
• lxd/storage/drivers/driver/types: Adds OptimizedBackupHeader field to Info
• lxd/backup/backup: Adds OptimizedHeader field to Info struct
• lxd/backup: Updates backupWriteIndex to populate the OptimizedHeader field
• lxd/storage/drivers/driver/btrfs: Sets OptimizedBackupHeader to true in Info struct response
• lxd/storage/drivers/driver/btrfs/utils: Adds warning to BTRFSSubVolume and BTRFSMetaDataHeader about shared usage
• lxd/storage/drivers/driver/btrfs/volumes: Updates BackupVolume to add subvolumes to optimized backup file
• lxd/storage/drivers/interface: Update CreateVolumeFromBackup to pass srcBackup backup.Info
• lxd/storage/backend/lxd: Pass srcBackup in CreateInstanceFromBackup
• lxd/storage/drivers: CreateVolumeFromBackup srcBackup backup.Info usage
• lxd/backup/backup: Updates GetInfo to set optimizedHeaderFalse false if not present in yaml file
• lxd/storage/drivers/driver/btrfs/utils: Adds loadOptimizedBackupHeader
• lxd/storage/drivers/driver/btrfs/volumes: Updates CreateVolumeFromBackup to restore subvolumes using optimized header file
• lxd/storage/drivers/driver/btrfs/volumes: Simplifies parent volume logic in BackupVolume
• lxd/storage/drivers/driver/btrfs/volumes: Simplifies parent volume logic for MigrateVolume
• test: Adds BTRFS backup subvolume tests
• lxd/storage/drivers/driver/btrfs/utils: Removes receiveSubvolume
• lxd/storage/drivers/driver/btrfs/utils: Adds receiveSubVolume function
• lxd/storage/drivers/driver/btrfs/volumes: Updates CreateVolumeFromMigration to use receiveSubVolume
• lxd/resources/memory: Fix memory calculation
• lxd: Improve logging of shutdown errors
• lxd/instances/post: Delete restored instance on backup post hook failure
• Fix 'how to mount home directory' shiftfs FAQ
• shared: build fs_{32,64}bit.go on mips*
• lxd/util: build fs_{32,64}bit.go on mips*
• lxd/rsync: Adds optional rsync arguments to LocalCopy
• lxd/storage/utils: Fixes ImageUnpack to not erase generated rootfs block file when doing rsync
• ethtool: don't report -1 for speed in ethtoolLink()
• lxd/storage/quota/projectquota: Fixes leaking file handles in quota_set_path and quota_get_path
• lxd/storage/quota/projectquota: Adds inherit argument to quota_set_path
• lxd/storage/quota/projectquota: Updates SetProject to recursively set project and support non-directory files
• lxd/storage/drivers/driver/dir/utils: Updates deleteQuota to use DeleteProject
• lxd/storage/drivers/driver/dir/volumes: Adds quota revert in CreateVolumeFromBackup post hook
• Always skip offline servers when rebalancing
• When demoting a voter to spare, transition to stand-by first
• test/clustering: Make sure that a killed voter can't dsirupt current leader
• lxd/cluster: Use a dedicated channel to stop the dqlite proxy
• lxd: Call Deamon.Kill() also when receiving signals (so db transactions won't be retried)
• lxd/db: Add Cluster.Kill() method to prevent retrying upon shutdown
• lxd/firewall/drivers/driver/nftables/templates: Fixes proxy nat rule dynamic family
• shared/util_linux.go: cast Rdev uint64 for mips
• lxd/storage/quota/projectquota.go: cast Rdev uint64 for mips
• lxd/device/device_utils_unix.go: cast Rdev uint64 for mips
• lxd/device/gpu.go: cast Rdev uint64 for mips
• shared: Reimplement GetPollRevents without cgo
• lxd-agent: Build statically
• Drop gccgo
• lxd-p2c: Drop cgo
• shared/ucred: Cleanup package
• lxd/api: Don't strip double slashes
• lxd/operations: Improve error message when database insertion fails
• lxd/db: Change UpdateCertificate to RenameCertificate (only renaming supported)
• lxd/db: Rename containers.go to instances.go
• shared/generate/db: Statement for deleting references (config and devices)
• lxd/db: Generate delete stements for profile config and devices
• shared/generate/db: update statement: take ID instead of natural key
• shared/generate/db: Handle config and devices in Update method
• lxd/db: Generate Update method for profiles
• lxd: Plug new UpdateProfile() db method into doProfileUpdate
• lxd: Plug new UpdateProfile() db method into updatePoolPropertyForAllObjects
• lxd/db: Generate delete statements for instance config, devices and profiles
• lxd/db: Generate UpdateInstance method
• lxd/instance: Plug the new UpdateInstance method and replace legacy logic
• lxd/db: Drop AddDevicesToEntity
• lxd/storage/drivers/driver/common: Logging quoting consistency
• lxd/storage/drivers: Adds storage_lvm_skipactivation patch
• test: Drive-by fix for flaky clustering rebalance test
• Recommend to increase the value of aio-max-nr for production use
• lxd/firewall/firewall/interface: Change definition of Compat() to return compat issue error
• lxd/firewall/drivers/driver/nftables: Updates Compat() to return compat issues as error
• lxd/firewall/drivers/drivers/xtables: Updates Compat() to return compat issues as error
• shared/simplestreams: Support uefi1.img
• lxd/firewall/firewall/load: Updates driver detection to warn when falling back to non-compatible xtables
• lxd/storage/pools: Improves delete pool error info
• instance_exec: don't panic
• lxd/qemu: Handle quoted raw.qemu
• lxd/main_forkproxy: Reduce logging
• lxd/networks: Warn on small IPv6 subnets
• lxd/network: Force DHCP custom gateway
• api: Add network_dns_search
• lxd/network: Support specifying search domain
• lxc/list: Add disk and memory columns
• i18n: Update translation template
• lxd/storage/drivers: Make sure tar reader context is cancelled before defer
• lxc/list: Fix test
• shared/archive: Wraps cancelFunc to wait until unpacker process has finished in CompressedTarReader
• lxd/cluster: Transfer leadership before adjusting roles, not after
• lxd/cluster: Add time skew detection
• test: Wait a few more seconds for the rebalance to happen
• lxd/daemon.go: Don't try to rebalance after shutdown sequence has started
• lxd/cluster: Don't try to rebalance a standalone node
• lxc/ucred: Simplify logic
• lxd/qemu: Cleanup arch checks
• lxd/qemu: Add s390x support
• lxd/api: Fail /internal/ready requests made after shutdown has started
• lxc/config: Add -e shorthand
• lxc/network: Add IPv4/IPv6 columns
• forkfile: port to using pidfds
• forkmount: port to using pidfds
• forkproxy: port to using pidfds
• syscall_numbers: update
• forknet: port to pidfds
• forkuevent: port to pidfds
• forksyscall: port to pidfds
• daemon: record "pidfd" extension
• api: Add container_nic_routed_limits
• lxd/device/nic/routed: Add limits support
• lxd/storage/lvm: Correct bad VG name in patch
• shared/subprocess: Better handle slow systems
• tests: Don't assume bridge MTU can be forced up
• lxd/db: Use query.SelectString helper in GetLocalImages()
• lxd/db: Use query.SelectString helper in GetImagesFingerprints()
• shared/generate/db: Support int64 fields
• lxd/db: Initial code generation for images (without references)
• lxd/db: Use the generated GetImages code to implement GetExpiredImages
• lxd/db: Use query.SelectObjects helper in GetImageSource
• lxd/db: Use query.SelectStrings helper in ImageSourceGetCachedFingerprint
• lxd/db: Use query.Count helper in ImageExists
• lxd/db: Use query.Count helper in ImageIsReferencedByOtherProjects
• lxd/db: Use query.UpsertObject helper in CreateImageSource
• lxd/db: Use auto-generated GetImages() to implement GetImage()
• lxd/cluster: Drive-by fix for flaky rebalance test
• lxd/db: Use auto-generated GetImages to implement GetImageFromAnyProject
• lxd/db: Usage query.DeleteObject to implement DeleteImage
• lxd/db: Use query.SelectStrings to implement GetImageAliases
• lxd/db: Use a single transaction in GetImageAlias
• lxd/db: Use a single transaction in DeleteImageAlias
• lxd/db: Use single transaction in CreateImageAlias
• lxd/db: Usage single transaction in CreateImage
• lxd/db: Use query.SelectIntegers helper in GetPoolsWithImage
• lxd/db: Use a single transaction in GetPoolNamesFromIDs
• lxd/db: Use explicit transaction in GetInstanceProjectAndName
• lxd/db: Drop unused DeleteInstanceConfig
• fork*: add "--" to not misinterpret negative integers as flags
• lxd/storage/utils: Removes unused name arg from VolumeFillDefault
• lxd/instance/drivers: storagePools.VolumeFillDefault usage
• lxd/patches: driver.VolumeFillDefault usage
• lxd/storage/utils: VolumeFillDefault usage
• lxd/storage/utils: Updates VolumeValidateConfig to require volume type
• lxd/storage/utils: Adds VolumeDBTypeToType function
• lxd/storage/utils: Updates VolumeDBCreate to pass volume type
• lxd/storage/drivers/utils: Updates ensureVolumeBlockFile to reject unsafe volume shrinking
• lxd/storage/drivers/geneirc/vfs: Removes genericVFSResizeBlockFile
• lxd/storage/drivers: ensureVolumeBlockFile usage
• lxd/storage/drivers/volume: Adds SetQuota function
• lxd/storage/drivers/volume: Adds config functions
• lxd/storage/drivers/driver/lvm/utils: Removes functions moved into Volume struct
• lxd/storage/drivers/driver/lvm/utils: Usage of volume config functions
• lxd/storage/drivers/driver/lvm/volumes: Volume config function usage
• lxd/storage/drivers: Replace volumeSize() with vol.ConfigSize()
• forknet: add missing "--" to forknet invocation on detach
• process_utils: remove a bunch of unused functions
• lxd: Make use of ExitCode
• share/subprocess: Reduce sleep back to 5
• lxd/instances/lxc: Fix calls to forknet
• forkmount: prevent interpreting negative numbers as flags
• shared/subprocess: Ensure monitor routine exits
• shared/subprocess: Properly reset state
• tests: Fix btrfs test on non-shiftfs
• tests: Old kernels don't let you rmdir btrfs
• shared/subprocess: Fix Stop handling
• lxd/storage/utils: Updates ImageUnpack to detect too small volume for qcow2 image and increase size before unpack
• lxd/storage/utils: Adds checks to ImageUnpack before enlarging volume
• lxd/storage/drivers/driver/types: Updates VolumeFiller Fill function to take a Volume
• lxd/storage: Updates volume filler usage to supply Volume rather than mount path
• lxd/storage/drivers/volume: Adds ConfigSizeFromSource function
• lxd/storage/drivers/driver/lvm/utils: Updates copyThinpoolVolume to only use vol.config["size"] for resizing
• lxd/storage/drivers/driver/lvm/utils: Updates Volume type in createLogicalVolumeSnapshot definition
• lxd/storage/drivers/driver/common: Adds runFiller function
• lxd/storage/backend/lxd: Updates imageFiller to return volume size
• lxd/storage/backend/lxd: Updates CreateInstanceFromImage to load image vol DB record
• lxd/storage/backend/lxd: Updates EnsureImage to record volatile.rootfs.size for block images
• lxd/storage/drivers/driver/types: Updates VolumeFiller definition to store size
• lxd/storage/utils: Validates volatile.rootfs.size key for image volumes in validateVolumeCommonRules
• lxd/storage/utils: Updates ImageUnpack to return image virtual size
• lxd/storage/drivers/driver/btrfs/volumes: d.runFiller usage
• lxd/storage/drivers/driver/ceph/volumes: d.runFiller usage
• lxd/storage/drivers/driver/cephfs/volumes: d.runFiller usage
• lxd/storage/drivers/driver/dir/volumes: d.runFiller usage
• lxd/storage/drivers/driver/lvm/volumes: d.runFiller usage
• lxd/storage/drivers/driver/zfs/volumes: d.runFiller usage
• lxd/storage/drivers/volume: Adds SetConfigSize function
• lxd/storage/backend/lxd: Updates CreateInstanceFromImage to use vol.ConfigSizeFromSource to dervice volume size
• lxd/storage/drivers: Updates CreateVolumeFromCopy to only use vol.config["size"] for resizing
• lxd: Reduce number of transactions in containerPostClusteringMigrate
• lxd/db: Use query.SelectStrings helper in LegacyContainersList
• lxd/db: Rename dbDeviceTypeToString to deviceTypeToString
• lxd/db: Group ClusterTx image methods together
• lxd/db: Rename ImageSourceGetCachedFingerprint to GetCachedImageSourceFingerprint
• lxd/storage/drivers/utils: ensureVolumeBlockFile comment clarification
• lxd/storage/drivers/utils: Renames BlockDevSizeBytes to BlockDiskSizeBytes
• lxd/storage/utils: drivers.BlockDiskSizeBytes usage
• lxd/storage/utils: Simplifies InstanceDiskBlockSize with drivers.BlockDiskSizeBytes usage
• lxd/storage/drivers/generic/vfs: Simplifies genericVFSBackupVolume with drivers.BlockDiskSizeBytes usage
• lxd/storage/backend/lxd: Whitespace in CreateInstanceFromBackup
• lxd/storage/drivers/driver/ceph/volumes: BlockDiskSizeBytes usage in SetQuota
• lxd/storage/drivers: Updates dir and btrfs to support filler volume enlargement
• lxd/db: Group ClusterTx instance methods together
• lxd/db: Rename AddProfilesToInstance to addProfilesToInstance
• lxd/db: Move instance backup methods to backups.go
• lxd/db: Rename InstanceBackupArgs to InstanceBackup
• lxd/db: Remove unused profile functions
• lxd/db: Move storage volumes methods to storage_volumes.go
• lxd/storage/drivers/volume/test: Adds tests for Volume.ConfigSizeFromSource()
• forkuevent: fix slice allocation
• lxd/images: Set CreatedAt on publish
• unix-hotplug: fix uevent injection
• lxd: New command line option to trace SQL statements
• lxd/firewall/drivers/drivers/xtables: Updates iptablesInUse to kill process once first rule found
• lxd/backup: Fixes hang in backupCreate when invalid compression argument supplied
• lxd/storage/utils: Removes duplicated qemu-img call in ImageUnpack
• lxd/storage/utils: Switch to qemu-img dd mode in ImageUnpack
• lxd/storage/drivers/utils: Exports MinBlockBoundary
• lxd/storage/drivers: MinBlockBoundary usage
• lxd/resources: Handle missing cache size/type
• Update documentation with backup compression
• lxd/rbac: New notification API
• lxd/firewall/nft: Enhance support detection
• lxd/device/device/utils/network: Adds networkValidVLAN and networkValidVLANList functions
• lxd/network/network/utils: Adds linux bridge VLAN management functions
• lxd/network: Enable VLAN filtering for managed Linux bridges
• lxd/device/nic: Changes nicValidationRules to properly validation vlan
• lxd/device/nic/bridged: Adds vlan validation
• lxd/device/nic/bridged: Adds revert for veth pair cleanup on error
• lxd/device/nic/bridged: Adds support for untagged and tagged vlan membership
• doc: Documents NIC bridged vlan and vlan.tagged settings
• api: Adds API extension instance_nic_bridged_vlan
• lxd/firewall/drivers/drivers/xtables: Drops tagged vlan frames when using IP filtering
• lxd/firewall/drivers/drivers/nftables: Drops tagged vlan frames when using IP filtering
• test: Adds bridged VLAN tests
• Fix regression in GetImageFromAnyProject
• doc/security: Adds notes about IPv6 router advertisement security
• lxd/device/nic/bridged: Corrects vlan comment
• lxd/network/network/utils: Improve comments on ovs switch attach/detach
• lxd/network/network/utils: Improves arg name in network attach/detach functions
• lxd/device/bic/bridged: Fixes openvswitch port leak when device is stopped
• lxd/network/utils: Adds IsNativeBridge function
• lxd/device/device/utils/network: Allow VLAN ID 0 in networkValidVLAN
• test: Updates bridged vlan ID range tests
• lxd/device/nic/bridged: Adds openvswitch vlan support
• test: Adds LXD_NIC_BRIDGED_DRIVER test environment variable
• lxd/maas: Fix support for multiple subnets
• lxd/maas: Support projects
• lxd/dnsmasq: Add project suffix
• Remove incorrect statement about supported network devices with virtual machines According documentation supported types with virtual machines are physical, bridged, macvlan, p2p, sriov
• lxd/rbac: Fix auth for non-RBAC trusted clients
• global: Add riscv64 to build tags
• Stop using Driver.SetContextTimeout() which is a no-op
• use the coreos fork of boltdb since the original is archived/abandoned
• i18n: Update translations from weblate
• api: Add network_state_bond_bridge
• shared/api: Extend NetworkState for bridge/bond
• lxd/networks: Add bridge/bond details

試用環境 ¶

この新しい LXD リリースは私たちの デモサービス で利用できます。

ダウンロード ¶

このリリースの tarball は ダウンロードページ から取得できます。

ビルド済みバイナリーは次のように使えます:

• Linux: snap install lxd
• MacOS: brew install lxc
• Windows: choco install lxc

LXD 4.1 リリースのお知らせ¶

8th of May 2020

はじめに ¶

LXD チームは、LXD 4.1 のリリースをお知らせすることにとてもワクワクしています！

このリリースは 4.0 LTS リリースに続く初めてのフィーチャーリリースです。 通常のフィーチャーリリースですので、LXD 4.1 は、通常は約 1 ヶ月後にリリースされる 4.2 リリースまでのみサポートされます。

変更の大部分は、4.0 リリース以来行ってきたバグフィックスとリファクタリングです。しかし、多数の小さい機能の追加や改良が多数あります。

Enjoy!

新機能とハイライト ¶

イメージのプッシュとリレーのサポート ¶

インスタンスのコピー・移動と同様に、ソースサーバーが直接ターゲットサーバーにイメージをプッシュしたり、クライアントツールがサーバー間を中継したりできるようになりました。

これにより、サーバー間に存在するファイアウォールに対応するのが容易になります。

lxc image copy source:some-image target: --mode=push
lxc image copy source:some-image target: --mode=relay

routed NIC デバイスのルーティングテーブルサポート ¶

routed NIC デバイスに新たにオプションがふたつ追加されました:

• ipv4.host_table
• ipv6.host_table

このオプションは、どのルーティングテーブルにルーティングルールを挿入するかをコントロールします。 デフォルトでは、これはメインのルーティングテーブルですが、これを有効にすることで代替のルーティングテーブルを使いたいというユーザーがいました。

ipvlan NIC デバイスの L2 モード ¶

LXD の ipvlan デバイスはデフォルトでは Layer 3 シンメトリックモード（l3s）です。しかし、新たな mode オプションが導入され、Layer 2 モード（l2）も使えるようになりました。

リソース API の調整 ¶

新たに system セクションが追加され、多数の DMI フィールドと LXD を実行するのに使っているシステムのタイプ（物理、仮想、コンテナ）が表示されるようになりました。

加えて、NUMA ノードが CPU スレッドレベルでトラッキングされるようになり、CPU ダイの情報もコアレベルで記録されるようになりました。

次は CPU 出力の例です:

stgraber@castiana:~$ lxc query /1.0/resources | jq .cpu
{
  "architecture": "x86_64",
  "sockets": [
    {
      "cache": [
        {
          "level": 1,
          "size": 32768,
          "type": "Data"
        },
        {
          "level": 1,
          "size": 32768,
          "type": "Instruction"
        },
        {
          "level": 2,
          "size": 262144,
          "type": "Unified"
        },
        {
          "level": 3,
          "size": 3145728,
          "type": "Unified"
        }
      ],
      "cores": [
        {
          "core": 0,
          "die": 0,
          "frequency": 639,
          "threads": [
            {
              "id": 0,
              "numa_node": 0,
              "online": true,
              "thread": 0
            },
            {
              "id": 2,
              "numa_node": 0,
              "online": true,
              "thread": 1
            }
          ]
        },
        {
          "core": 1,
          "die": 0,
          "frequency": 658,
          "threads": [
            {
              "id": 1,
              "numa_node": 0,
              "online": true,
              "thread": 0
            },
            {
              "id": 3,
              "numa_node": 0,
              "online": true,
              "thread": 1
            }
          ]
        }
      ],
      "frequency": 648,
      "frequency_minimum": 400,
      "frequency_turbo": 3500,
      "name": "Intel(R) Core(TM) i5-7300U CPU @ 2.60GHz",
      "socket": 0,
      "vendor": "GenuineIntel"
    }
  ],
  "total": 4
}

次はシステム出力の例です:

stgraber@castiana:~$ lxc query /1.0/resources | jq .system
{
  "chassis": {
    "serial": "PF0QD1U7",
    "type": "Notebook",
    "vendor": "LENOVO",
    "version": "None"
  },
  "family": "ThinkPad X1 Carbon 5th",
  "firmware": {
    "date": "02/17/2020",
    "vendor": "LENOVO",
    "version": "N1MET60W (1.45 )"
  },
  "motherboard": {
    "product": "20HRCTO1WW",
    "serial": "L1HF6CX006Y",
    "vendor": "LENOVO",
    "version": "Not Defined"
  },
  "product": "20HRCTO1WW",
  "serial": "PF0QD1U7",
  "sku": "LENOVO_MT_20HR_BU_Think_FM_ThinkPad X1 Carbon 5th",
  "type": "physical",
  "uuid": "7fa1c0cc-2271-11b2-a85c-aab32a05d71a",
  "vendor": "LENOVO",
  "version": "ThinkPad X1 Carbon 5th"
}

サーバー情報への OS データの追加 ¶

OS 情報が /1.0 と lxc info で出力されるようになりました:

stgraber@castiana:~$ lxc info | grep os_
  os_name: Ubuntu
  os_version: "20.04"

新たな lxd cluster remove-raft-node コマンド ¶

この新たに追加されたコマンドは、LXD がデータベースのクオラムの不足で起動できない場合に、強制的にデータベースメンバーを削除するのに使えます。

コマンドラインツールの表のソートの改良 ¶

リストは自然な順序でソートされるようになり、番号付きのアイテムが適切にソートされるようになりました。 加えて、ボリュームのリストでは、スナップショットが親のすぐ後に表示されるようになりました。

すべての変更点（翻訳なし）¶

以下はこのリリースでの全変更の完全なリストです:

• doc/instances: Fix escaping
• lxc/network: Updates network detach checks to use bridged network property
• lxd/network/network/utils: Updates network setting detection in IsInUse
• lxd/instance/drivers/driver/qemu: Adds host_name info to RenderState when lxd-agent is running
• Merge pull request #7115 from tomponline/tp-bridged-network
• lxd/networks: Fix clustered configs
• Merge pull request #7114 from stgraber/master
• shared/api: Move NUMANode to thread
• lxd/resources: Set NUMANode on a per-thread basis
• lxc/info: Update for NUMANode on thread
• i18n: Update translation templates
• api: resources_cpu_threads_numa
• Merge pull request #7118 from stgraber/master
• api: resources_cpu_core_die
• lxd/resources: Parse and report die_id
• lxd/storage/drivers/driver/lvm/volumes: Mount xfs snapshot with nouuid option
• Merge pull request #7120 from stgraber/master
• lxd/storage/drivers/driver/ceph/volumes: Adds mounting logging
• lxd/instance/drivers/driver/lxc: Updates Render() to accept options arguments
• lxd/instance/drivers/driver/qemu: Updates Render() to accept options arguments
• lxd/instance/instance/interface: Updates Render() to accept options arguments
• lxd/storage/drivers/utils: Zeros btrfs transaction log in regenerateFilesystemBTRFSUUID
• lxd/storage/utils: Removes unused functions and constants
• lxd/storage/utils: Adds RenderSnapshotUsage function
• lxd/instance/snapshot: Adds storagePools.RenderSnapshotUsage to Render() in containerSnapshotsGet and snapshotGet
• lxd/instance/drivers/driver/lxc: Use storagePools.RenderSnapshotUsage in RenderFull()
• lxd/instance/drivers/driver/qemu: Use storagePools.RenderSnapshotUsage in RenderFull()
• lxd/instance/instance/utils: Removes unused WriteBackupFile
• lxd/storage/drivers/utils: Changes regenerateFilesystemUUID to use expanded arg definitions
• lxd/storage/drivers/driver/ceph/utils: Changes generateUUID to not map device
• lxd/storage/drivers/driver/ceph/volumes: d.generateUUID updated signature usage
• lxd/storage/drivers/driver/ceph/volumes: Adds BTRFS UUID regeneration to MountVolumeSnapshot
• lxd/storage/drivers/driver/zfs/volumes: Comment clarification
• lxd/storage/drivers/volume: Adds support for setting custom mount path
• lxd/storage/drivers/driver/btrfs/volumes: Create temporary snapshot in BackupVolume()
• lxd/storage/drivers/driver/btrfs/volumes: Renames container vars to instance
• lxd/storage/drivers/driver/btrfs/volumes: Consistent quoting of error message variables
• Merge pull request #7117 from tomponline/tp-storage-mountsnapshots-uuid
• Merge pull request #7122 from tomponline/tp-storage-export-snapshots
• lxd/main_activateifneeded: s/container/instance/
• lxd/instance/drivers: Removes storagePools.RenderSnapshotUsage from RenderFull()
• lxd/storage/drivers/driver/zfs/volumes: Create temporary snapshot in BackupVolume()
• lxd/storage/backend/lxd: Checks for existance of volume before deleting
• lxd/instance: Switches to revert package for instanceCreateAsSnapshot
• lxd/storage/backend/lxd: Comment tweak
• lxd/storage/drivers/driver/ceph/volumes: Tweaks HasVolume detection
• Merge pull request #7129 from tomponline/tp-storage-renderfull
• Merge pull request #7131 from tomponline/tp-storage-export-snapshots-zfs
• shared/subprocess/proc: Fixes race in process stopping
• Merge pull request #7132 from tomponline/tp-storage-delete-volume-checks
• lxd/main_activateifneeded: Retrieve all instances
• lxd/main_activateifneeded: Check for scheduled instance snapshots
• lxd/main_activateifneeded: Check for scheduled volume snapshots
• test/suites/basic: Update activateifneeded tests
• lxd/main_activateifneeded: Use defer statement to close db
• Merge pull request #7128 from monstermunchkin/issues/7126
• lxd/storage/btrfs: Workaround permission issue
• Merge pull request #7134 from stgraber/master
• lxd/cluster: add RemoveRaftNode() to force removing a raft node
• api: Add "DELETE /internal/cluster/raft/
  " endpoint
• Increase timeout when calling dqlite.Client.Add() to join the cluster
• Merge pull request #7139 from freeekanayaka/increase-join-timeout
• lxd/storage/drivers/driver/zfs/volumes: Comment
• lxd/storage/drivers/driver/lvm/volumes: Always return -1/ErrNotSupported for snapshot usage
• lxd/storage/drivers/driver/dir/volumes: Always return -1/ErrNotSupported for snapshot usage
• lxd/storage/drivers/driver/zfs/volumes: Always used 'used' property for ZFS snapshot usage
• lxd/storage/drivers/driver/cephfs/volumes: Always return -1/ErrNotSupported for snapshot usage
• lxd/storage/drivers/driver/btrfs/volumes: Return -1/ErrNotSupported when no quota available
• lxd/instance: Fix typo in comment
• lxc/action: Fix typo in help message
• i18n: Update translation templates
• Merge pull request #7142 from stgraber/master
• lxd: Add "lxd cluster remove-raft-node" recovery command
• doc: Add paragraph about "lxd cluster remove-raft-node"
• test: Add test exercising "lxd cluster remove-raft-node"
• Merge pull request #7141 from tomponline/tp-storage-snapshot-usage
• Merge pull request #7138 from freeekanayaka/remove-raft-node
• lxd/storage/lvm: Always call vgchange on mount
• Merge pull request #7146 from stgraber/master
• lxd/patches: Fix snapshot migration
• tests: Fix btrfs storage usage
• Merge pull request #7147 from stgraber/master
• lxd/storage/drivers/volume: Only chmod if needed in EnsureMountPath
• lxd/storage/drivers/volume: Removes unnecessary variable
• lxd/storage/drivers/driver/zfs/volumes: Ensure volumes created from copy have correct perms
• lxd/storage/drivers: Call EnsureMountPath() in MountVolume()
• lxd/storage/drivers: Call EnsureMountPath() in MountVolumeSnapshot()
• lxd/storage/drivers/driver/btrfs/volumes: Adds revert to CreateVolume
• lxd/storage/drivers/driver/btrfs/volumes: Comment in CreateVolumeFromCopy
• lxd/storage/drivers/driver/lvm/utils: EnsureMountPath after copying thin volume
• lxd/storage/drivers/driver/cephfs/volumes: typo
• lxd/storage/drivers/driver/cephfs/volumes: Calls vol.EnsureMountPath after filling
• lxd/storage/drivers/driver/ceph/volumes: Calls EnsureMountPath to fix perms after copying volume
• lxd/storage/drivers/driver/lvm/volumes: Fixes temporary snapshot volume cleanup for VMs
• Merge pull request #7144 from tomponline/tp-storage-snapshot-mnt-create
• lxd/storagr/drivers/driver/ceph/volumes: Adds support for snapshot usage reporting
• lxd/storage/drivers/driver/lvm/volumes: Clarifies comments on LVM volume usage reporting
• Merge pull request #7151 from tomponline/tp-storage-ceph-snapshot-usage
• shared/osarch: Coding style
• shared/osarch: Don't fail on missing os-release
• shared/api: Add OS information
• lxd/api: Add OS information
• api: Add api_os
• lxc: Use natural string sorting
• lxc: Group snapshot and parent
• lxd/main: Move forkzfs mntns to cgo
• Merge pull request #7154 from stgraber/master
• Merge pull request #7155 from stgraber/cli
• Merge pull request #7156 from stgraber/zfs
• doc/networks: Adds note about firewalld and DHCP/DNS
• Merge pull request #7158 from tomponline/tp-bridged-firewalld
• lxd/device/nic/routed: Improves validation of sysctl settings when using vlan option
• lxd/device/nic/routed: Corrects misleading error message when setting sysctls
• Merge pull request #7159 from tomponline/tp-nic-routed-validation
• lxd/storage/drivers/generic/vfs: Log when creating snapshots
• lxd/storage/drivers/driver/zfs/volumes: Fix migrating VM block volumes in MigrateVolume
• lxd/storage/memorypipe: Adds context support for cancellation
• lxd/storage/backend/lxd: memorypipe cancellation usage
• lxd/device/nic/sriov: Updates networkGetVirtFuncInfo to use json output from ip tool
• Merge pull request #7160 from tomponline/tp-storage-vm-migration
• doc: Add missing os_api extension
• Merge pull request #7165 from stgraber/master
• Merge pull request #7163 from tomponline/tp-nic-sriov
• lxd/storage/drivers/driver/dir/utils: Removes default project quota
• Merge pull request #7166 from tomponline/tp-storage-dir-quota
• forkexec: mark fd cloexec so the attaching process doesn't inherit it
• Merge pull request #7167 from brauner/2020-04-10/fixes
• forkexec: close all inherited fds
• Merge pull request #7168 from brauner/2020-04-10/fixes
• forkexec: log unexpected fds
• Merge pull request #7169 from brauner/2020-04-10/fixes
• lxd/daemon: Ignore .zfs in volumes
• Merge pull request #7170 from stgraber/master
• lxd/network: Push MTU over DHCP
• Merge pull request #7171 from stgraber/master
• shared/api: Drop invalid Managed key in NetworksPost
• lxd: Drop invalid use of Managed property
• Merge pull request #7173 from stgraber/network
• lxd/devices/disk: Prevent recursive & readonly
• Merge pull request #7177 from stgraber/master
• lxc/instance/drivers: Set new name before renaming backups
• test: Extend backup rename
• lxd/instance/drivers: Add revert steps when renaming instance
• Merge pull request #7182 from monstermunchkin/issues/7176
• lxd/instance/drivers/driver/qemu: Allow up to 8 NIC devices
• lxd/instance/drivers/driver/qemu/templates: Note that lxd_ disk device name prefix should not be changed
• Merge pull request #7185 from tomponline/tp-vm-pci
• Merge pull request #7183 from tomponline/tp-vm-device-comment
• doc/instances: Clarify config conditions
• doc/index: Clarify bind-mount in FAQ
• Merge pull request #7186 from stgraber/master
• lxd/instances: Better use userRequested on Update
• Merge pull request #7190 from stgraber/master
• lxd/device/nic: Adds host_table setting validation rule
• lxd/device/nic/routed: Fix sysctl command suggestion when using vlans
• lxd/device/nic/routed: Add host_table support
• api: Adds container_nic_routed_host_table extension
• doc: Adds documentation for routed NIC host_table setting
• suites/container/devices/nic/routed: Adds tests for custom routing tables
• Merge pull request #7192 from tomponline/tp-nic-routed-hosttable
• lxd/device/nic/ipvlan: Improve validation of sysctl settings when vlan setting used
• lxd/device/nic/ipvlan: Adds host_table setting support
• api: Adds container_nic_ipvlan_host_table extension
• doc: Adds documentation for ipvlan NIC host_table setting
• test/suites/container/devices/nic/ipvlan: Adds tests for custom routing tables
• test/clustering: increase timing to detect offline node
• Merge pull request #7193 from tomponline/tp-nic-ipvlan-hosttable
• api: Adds container_nic_ipvlan_mode extension
• lxd/device/nic/ipvlan: Adds support for l2 mode
• doc/instances: Documents ipvlan l2 mode
• test/suites/container/devices/nic/ipvlan: Adds l2 mode tests
• Merge pull request #7197 from freeekanayaka/tweak-clustering-membership-test-timings
• Merge pull request #7196 from tomponline/tp-nic-ipvlan-l2
• shared/version/api: Add resources_system API extension
• doc/api-extensions: Add resources_system
• shared/api/resource: Add system resources
• lxd/resources: Add new system resources
• lxd/resources: Retrieve system information
• shared/util: Never look into the snap
• Merge pull request #7194 from monstermunchkin/issues/7189
• Merge pull request #7198 from stgraber/master
• lxd/resources: serial/uuid may not be accessible
• Merge pull request #7201 from stgraber/master
• doc/instances: Fixes default ceph.cluster_name value
• lxd/device/disk: Adds support to use ceph: prefix for disk source for VMs
• Merge pull request #7206 from tomponline/tp-vm-disk-ceph
• firewalld & lxd : how to let Firewalld control the LXD's iptables rules this is related to https://github.com/lxc/lxd/pull/7195 but this a bit more generic
• Update networks.md
• Merge pull request #7204 from kerphi/patch-2
• doc/networks: Fix typo
• i18n: Update translations from weblate
• Update networks.md
• Merge pull request #7210 from ckd/patch-1
• lxd/storage/ceph: Suppport alternate conf syntax
• Merge pull request #7211 from stgraber/master
• lxd/init: Try to bind LXD network address when running interactively
• lxd/instance/drivers/driver/qemu/templates: Use static PCIe address prefix for 9p devices
• lxd/instance/drivers/drivers/qemu: Adds support for 9p disk device PCIe indexes
• Merge pull request #7213 from freeekanayaka/validate-listen-address
• Merge pull request #7214 from tomponline/tp-vm-pcie
• lxd/device/nic/bridged: Dont load br_netfilter
• Merge pull request #7217 from tomponline/tp-nic-bridged-brnetfilter
• doc/instances: Fix swapped description
• Merge pull request #7219 from stgraber/master
• index.md: add PATH env variable to sudo command example
• Merge pull request #7220 from rafaeldtinoco/master
• shared/simplestreams: Fix VM image preference
• Merge pull request #7225 from stgraber/master
• lxd/devoce/device/utils/disk: Comment on diskCephfsOptions
• lxd/device/disk: Adds cephfs support for VMs
• lxd/device/proxy: Check for br_netfilter enabled and log warning if not
• lxd/firewall/drivers/driver/xtables: Adds MASQUERADE hairpin proxy NAT rule
• lxd/firewall/drivers/drivers/xtables: comments
• Merge pull request #7226 from tomponline/tp-vm-disk-cephfs
• lxd/device/proxy: Sets bridge port hairpin mode on when br_netfilter loaded
• lxd/firewall/drivers/drivers/xtables: Renames toDest to connectDest
• lxd/firewall/drivers/drivers/nftables: Renames toDest to connectDest
• lxd/init: Improve error messages when failing to bind an address
• lxd/firewall/drivers/drivers/nftables: Adds MASQUERADE hairpin proxy NAT rule
• Merge pull request #7227 from freeekanayaka/improve-cant-listen-error-message
• test/suites/container/devices/proxy: Updates tests for checking hairpin rule
• Merge pull request #7228 from tomponline/tp-nic-bridged-nat-hairpin
• lxd/instance/drivers/driver/qemu: Wait for onStop when restarting
• lxd/instance/drivers/driver/qemu: Makes onStop unexported
• lxd/instance/drivers/driver/qemu: Comment
• Merge pull request #7229 from tomponline/tp-vm-restart
• lxd/instance/lxc: Don't crash in setNetworkPriority
• Merge pull request #7230 from stgraber/master
• lxd/instances: Export type to templates
• lxd-agent: Reboot after cloud-init seed
• lxd/util: Tweak NetworkInterfaceAddress to only return global
• Merge pull request #7231 from stgraber/master
• Merge pull request #7232 from stgraber/net
• lxd/net/util: Updates comment on NetworkInterfaceAddress behaviour change
• Merge pull request #7234 from tomponline/tp-util-networkinterfaceaddress
• shared/usbid: Use system database
• Merge pull request #7235 from stgraber/master
• lxd-agent: Support systemd-notify
• lxd/qemu: Switch default unit type to notify
• Merge pull request #7236 from stgraber/master
• lxd/storage/backend/lxd: Updates CreateInstanceFromImage to use reverter
• lxd/storage/drivers/errors: Adds ErrCannotBeShrunk error
• lxd/storage/drivers/utils: Updates to shrinkFileSystem ErrCannotBeShrunk error
• lxd/storage/backend/lxd: Updates CreateInstanceFromImage to detect ErrCannotBeShrunk
• lxd/storage/drivers: Returns ErrCannotBeShrunk when block volume cannot be shrunk
• lxd/device/proxy: Dont allow proxy_protocol to be set when in nat mode
• lxd/device/proxy: Dont wrap lines
• lxd/device/proxy: Improves validation
• test/suites/container/devices/proxy: Updates tests with new validation rules
• Merge pull request #7238 from tomponline/tp-storage-cached-size
• lxd: Updates snapshotProtobufToInstanceArgs to support instance type
• Merge pull request #7240 from tomponline/tp-proxy-validation
• Merge pull request #7241 from tomponline/tp-migration-inst-type
• lxd/qemu: Match basic NUMA layout
• Merge pull request #7243 from stgraber/master
• lxd/storage/drivers/driver/zfs/volumes: Delete volume on error in CreateVolumeFromCopy
• lxd-agent/main/agent: Adds comment about reason for systemd-notify usage
• Merge pull request #7245 from tomponline/tp-vm-agentstart
• lxd/cgroup: Fix memory controller detection
• Merge pull request #7244 from tomponline/tp-storage-zfz-revert
• lxd/migration/migrate/proto: Fix alignment
• lxd/migration: Adds volumeSize field to MigrationHeader
• lxd/migrate: Adds VolumeSize to MigrationSinkArgs
• lxd/migration/migration/volumes: Adds VolumeSize to VolumeTargetArgs
• lxd/migrate/instance: Use VolumeSize from offer header in Do()
• lxd/storage/backend/lxd: Use VolumeSize from migration header in CreateInstanceFromMigration
• lxd/storage/drivers: Exports BlockDevSizeBytes function
• lxd/storage/utils: Adds InstanceDiskBlockSize
• lxd/migrate/instance: Populate offerHeader.VolumeSize for VMs
• lxd/storage/backend/lxd: Adds VM volume size hint to CreateInstanceFromCopy
• Merge pull request #7248 from stgraber/master
• Merge pull request #7246 from tomponline/tp-migration-volsize
• lxd/device/utils: Do not add the Ceph mon port if already present in /etc/ceph config file
• Merge pull request #7249 from leopaul36/master
• lxd/instance/qemu: Add comment on cpuTopology
• lxd/storage/ceph: Support port in URL
• Merge pull request #7251 from stgraber/master
• lxd/storage/drivers/utils: Makes minBlockBoundary available to other functions
• lxd/storage/drivers/driver/zfs/utils: Updates createVolume to use minBlockBoundary
• lxd/storage/drivers/driver/zfs/volumes: Updates SetVolumeQuota to use minBlockBoundary
• lxd/storage/drivers/zfs/volumes: Updates CreateVolume to allow regeneration of deleted image volumes
• lxd/storage/drivers/driver/zfs/volumes: Dont revert on rename success
• Merge pull request #7250 from tomponline/tp-storage-image-regeneration
• shared/version/api: Add API extension images_push_relay
• doc: Add images_push_relay
• client/interfaces: Add Mode to ImageCopyArgs
• lxc/image: Add mode flag to image copy
• client: Add relay mode for image copy
• lxd/images: Return token response in push mode
• lxd/images: Allow authentication using secret
• shared/api/image: Add ImageExportPost
• client: Add ExportImage to ImageServer
• lxd/images: Add POST /1.0/images/fingerprint/export
• client: Add push mode for image copy
• client: Add GetOperationWaitSecret
• lxd/images: Use metadata from the client
• lxd/images: Return operation on token validation
• lxd/images: Add secret metadata on image create
• client/lxd_images: Set fingerprint and secret headers
• lxd/operations: Allow untrusted clients for /1.0/operations/{id}/wait
• doc/rest-api: Add POST /1.0/images//export
• test/suites/remote: Add image copy push and relay mode
• po: Update translations
• lxd/daemon: Remove duplicated logic
• Merge pull request #7130 from monstermunchkin/issues/6805
• lxd/instance/qemu: Announce LXD in SMBIOS
• Merge pull request #7255 from stgraber/master
• share/usbid: Don't print error when missing
• Merge pull request #7257 from stgraber/master
• lxd/init: Auto-detect and use Ubuntu ZFS setup
• Merge pull request #7261 from stgraber/master
• lxc/config: Add --expanded to get
• i18n: Update translation templates
• Merge pull request #7267 from stgraber/master
• Resolve both core.https_address and cluster.https_address when comparing IPs
• Merge pull request #7269 from freeekanayaka/allow-using-hostnames-as-cluster-addresses
• lxd/storage/drivers/generic/vfs: Skip missing files during export
• Merge pull request #7271 from tomponline/tp-backup-walk-missing
• lxd/images: Fixes hang in export when invalid --compression argument passed
• Merge pull request #7272 from tomponline/tp-export-hang
• lxd/storage/drivers/driver/btrfs/volumes: CreateVolumeFromCopy only use expanded volume size when source is image
• Merge pull request #7276 from tomponline/tp-storage-createfromcopy-size-btrfs
• lxd/storage/drivers/driver/ceph/volumes: Allow cached volume regeneration in CreateVolume
• lxd/storage/drivers/driver/ceph/utils: Uses defaultBlockSize rather than hardcoded 10GB
• lxd/storage/drivers/driver/ceph/volumes: Adds getVolumeSize function
• lxd/storage/drivers/driver/ceph/volumes: Removes unnecessary mount/unmount
• lxd/storage/drivers/driver/zfs/volumes: Clarify clone comments
• lxd/storage/drivers/driver/ceph/volumes: Dont wrap lines
• lxd/storage/drivers/driver/ceph/volumes: Dont use clone mode when creating volume from cached image when it is disabled
• lxd/storage/utils: VolumeDBCreate comment formatting
• lxd/storage/drivers/driver/lvm/volumes: CreateVolumeFromCopy only set volume size from expanded config when source is image
• lxd/storage/drivers/driver/zfs/volumes: CreateVolumeFromCopy only set volume size from expanded config when source is image
• lxc/storage/drivers/driver/ceph/utils: Reworks parseParent to return a Volume struct
• lxd/storage/drivers/driver/ceph/utils: Adds tests for parseParent
• lxd/storage/drivers/driver/ceph/utils: Adds cephVolumeTypeZombieImage constant
• lxd/storage/drivers/driver/ceph/utils: Updates rbdCreateVolume to accept string size
• lxd/storage/drivers/driver/ceph/utils: Pass volume config in rbdMarkVolumeDeleted
• lxd/storage/drivers/driver/ceph/utils: Pass volume config in rbdRenameVolume
• lxd/storage/drivers/driver/ceph/utils: Replaces getRBDSize with volumeSize
• lxd/storage/drivers/driver/ceph/utils: Dont wrap lines
• lxd/storage/drivers/driver/ceph/utils: Updates usage of d.parseParent in deleteVolume
• lxd/storage/drivers/driver/ceph/utils: Updates RBD naming logic in getRBDVolumeName
• lxd/storage/drivers/driver/ceph/volumes: Ensures CreateVolumeFromCopy correctly sizes new volume
• lxd/storage/drivers/driver/ceph/volumes: If volume doesnt exist in DeleteVolume do nothing
• lxd/storage/drivers/driver/ceph/utils: Dont wrap lines
• lxd/db: Rename CertificatesGet to GetCertificates
• lxd/db: Rename CertificateGet to GetCertificate
• lxd/db: Rename CertSave to CreateCertificate
• lxd/db: Rename CertDelete to DeleteCertificate
• lxd/db: Rename CertUpdate to UpdateCertificate
• lxd/db: Drop unused ConfigValueSet
• lxd/instances/post: Fix revert in createFromBackup
• lxd/storage/drivers/volume: Adds allowUnsafeResize bool to Volume struct
• lxd/storage/backend/lxd: Adds cannot shrink error handling in CreateInstanceFromBackup
• lxd/storage/drivers/generic/vfs: Sets block volume size to file size of volume in tarball in genericVFSBackupUnpack
• lxd/storage/drivers/driver/btrfs/volumes: No need to move GPT header if no filler used in CreateVolume
• lxd/storage/drivers/driver/btrfs/volumes: Skip GPT header move in SetVolumeQuota when allowUnsafeResize is enabled
• lxd/storage/drivers/driver/dir/volumes: Skip GPT header move in SetVolumeQuota when allowUnsafeResize is enabled
• lxd/storage/drivers/driver/lvm/volumes: Allow unsafe shrinking when allowUnsafeResize is enabled
• lxd/storage/drivers/driver/zfs/volumes: Allow unsafe shrinking when allowUnsafeResize is enabled
• Merge pull request #7280 from tomponline/tp-storage-createfromcopy
• lxd/storage/drivers/driver/ceph/volumes: Allow unsafe shrinking when allowUnsafeResize is enabled
• Merge pull request #7282 from tomponline/tp-storage-backuprestore-size
• Merge pull request #7270 from tomponline/tp-storage-image-regeneration-ceph
• lxd/db: Rename InstanceNames to GetInstanceNames
• lxd/db: Rename ContainerNodeAddress to GetNodeAddressOfInstance
• lxd/db: Rename ContainersListByNodeAddress to GetInstanceNamesByNodeAddress
• lxd/db: Rename ContainersByNodeName to GetInstanceToNodeMap
• lxd/db: Rename ContainerNodeMove to UpdateInstanceNode
• lxd/db: Rename ContainerNodeProjectList to GetLocalInstancesInProject
• lxd/db: Rename ContainerConfigInsert to CreateInstanceConfig
• lxd/db: Rename ContainerConfigUpdate to UpdateInstanceConfig
• lxd/db: Rename InstanceRemove to RemoveInstance
• lxd/db: Rename ContainerProjectAndName to GetInstanceProjectAndName
• lxd/db: Rename ContainerConfigClear to DeleteInstanceConfig
• lxd/db: Rename ContainerConfigGet to GetInstanceConfig
• lxd/db: Rename ContainerConfigRemove to DeleteInstanceConfigKey
• lxd/db: Rename ContainerSetStateful to UpdateInstanceStatefulFlag
• lxd/db: Rename ContainerProfilesInsert to AddProfilesToInstance
• lxd/db: Drop unused ContainerProfiles
• lxd/db: Drop unused ContainerConfig
• lxd/db: Remove unused ContainersNodeList
• lxd/db: Rename ContainersResetState to ResetInstancesPowerState
• lxd/db: Rename ContainerSetState to UpdateInstancePowerState
• lxd/db: Rename ContainerUpdate to UpdateInstance
• lxd/db: Rename InstanceSnapshotCreationUpdate to UpdateInstanceSnapshotCreationDate
• lxd/db: Rename ContainerLastUsedUpdate to UpdateInstanceLastUsedDate
• lxd/db: Rename ContainerGetSnapshots to GetInstanceSnapshotsNames
• lxd/db: Rename ContainerNextSnapshot to GetNextInstanceSnapshotIndex
• lxd/db: Rename InstancePool to GetInstancePool
• lxd/db: Rename ContainerBackupID to getInstanceBackupID
• Rename ContainerGetBackup to GetInstanceBackup
• lxd/db: Rename InstanceCreateBackup to CreateInstanceBackup
• lxd/db: Rename InstanceBackupRemove to DeleteInstanceBackup
• lxd/db: ContainerBackupRename to RenameInstanceBackup
• lxd/db: Rename ContainerBackupsGetExpired to GetExpiredInstanceBackups
• lxd/storage/drivers/utils: Updates roundVolumeBlockFileSizeBytes and ensureVolumeBlockFile to take size as bytes
• lxd/storage/drivers/generic/vfs: Updates genericVFSResizeBlockFile to accept size as bytes
• lxd/storage/drivers/driver/btrfs/utils: Adds volumeSize function
• lxd/storage/drivers/driver/btrfs/volumes: Updates CreateVolume to use volumeSize()
• lxd/storage/drivers/driver/btrfs/volumes: Updates SetVolumeQuota to be byte oriented internally
• lxd/storage/drivers/driver/ceph/utils: Updates volumeSize comment for consistency
• lxd/storage/drivers/driver/ceph/volumes: Updates CreateVolumeFromCopy to use volumeSize()
• lxd/storage/drivers/driver/ceph/volumes: Updates SetVolumeQuota to be byte oriented internally
• lxd/storage/drivers/driver/dir/utils: Adds volumeSize function
• lxd/storage/drivers/driver/dir/volumes: Updates CreateVolume to use volumeSize
• lxd/storage/drivers/driver/dir/volumes: Updates SetVolumeQuota to be byte oriented internally
• lxd/storage/drivers/driver/lvm/utils: Updates copyThinpoolVolume to use volumeSize()
• lxd/storage/drivers/driver/lvm/volumes: Updates SetVolumeQuota variables and comments
• lxd/storage/drivers/driver/zfs/utils: Adds volumeSize function
• lxd/storage/drivers/driver/zfs/volumes: Updates CreateVolume to use volumeSize()
• lxd/storage/drivers/driver/zfs/volumes: Updates CreateVolumeFromCopy to use volumeSize()
• lxd/storage/drivers/driver/zfs/volumes: Updates SetVolumeQuota to be byte oriented internally
• Merge pull request #7281 from freeekanayaka/cleanup-db-function-names
• lxd/db: Rename DevicesAdd to AddDevicesToEntity
• lxd/storage/backend/lxd: Detect cached image filesystem changes for VM images too
• lxd/db: Remove unused Devices
• lxd/db: Rename ImagesGetLocal to GetLocalImages
• lxd/db: Rename ImagesGet to GetImages
• lxd/db: Rename ImagesGetExpired to GetExpiredImages
• lxd/db: Rename ImageSourceInsert to CreateImageSource
• lxd/db: Rename ImageSourceGet to GetImageSource
• lxd/db: Rename ImageGet to GetImage
• lxd/db: Rename ImageGetFromAnyProject to GetImageFromAnyProject
• lxd/db: Rename ImageLocate to LocateImage
• lxd/db: Rename ImageAssociateNode to AddImageToLocalNode
• lxd/db: Rename ImageDelete to DeleteImage
• lxd/db: Rename ImageAliasesGet GetImageAliases
• lxd/db: Rename ImageAliasGet to GetImageAlaias
• lxd/db: Rename ImageAliasRename to RenameImageAlias
• lxd/db: Rename ImageAliasDelete to DeleteImageAlias
• lxd/db: Rename ImageAliasesMove to MoveImageAlias
• lxd/db: Rename ImageAliasAdd to CreateImageAlias
• lxd/db: Rename ImageAliasUpdate to UpdateImageAlias
• lxd/db: Rename ImageCopyDefaultProfiles to CopyDefaultImageProfiles
• lxd/db: Rename ImageLastAccessUpdate to UpdateImageLastUseDate
• lxd/db: Rename ImageLastAccessInit to InitImageLastUseDate
• lxd/db: Rename ImageUpdate to UpdateImage
• lxd/db: Rename ImageInsert to CreateImage
• lxd/db: Rename ImageGetPools to GetPoolsWithImage
• lxd/db: Rename ImageGetPoolNamesFromIDs to GetPoolNamesFromIDs
• lxd/db: Rename ImageUploadedAt to UpdateImageUploadDate
• lxd/db: Rename ImagesGetOnCurrentNode to GetImagesOnLocalNode
• lxd/db: Rename ImagesGetByNodeID to GetImagesOnNode
• lxd/db: Replace ImageGetNodesWithImage with GetNodesWithImage
• lxd/db: Rename ImageGetNodesWithoutImage to GetNodesWithoutImage
• lxc/image: Actually refresh multiple images
• Merge pull request #7286 from freeekanayaka/cleanup-db-function-names-part-2
• Merge pull request #7288 from stgraber/master
• Merge pull request #7285 from tomponline/tp-storage-filesystem-regen
• Merge pull request #7283 from tomponline/tp-storage-volsize-consistency
• lxd/resources: Use permanent MAC when available
• Merge pull request #7290 from stgraber/master
• lxd/qemu: Restrict NUMA layout to x86_64
• Merge pull request #7293 from stgraber/master
• Consider all nodes when looking for the leader, not only voters
• Only attempt to transfer leadership if we are not standalone
• Merge pull request #7297 from freeekanayaka/try-all-nodes-when-looking-for-leader
• lxd/db: Rename NetworksNodeConfig to GetNetworksLocalConfig
• lxd/db: Rename NetworkIDsNotPending to GetNonPendingNetworkIDs
• lxd/db: Rename NetworkID to GetNetworkID
• lxd/db: Rename NetworkConfigAdd to CreateNetworkConfig
• lxd/db: Rename Networks to GetNetworks
• lxd/db: Rename NetworksNotPending to GetNonPendingNetworks
• lxd/db: Rename NetworksNotPending to GetNonNetworks
• lxd/db: Rename NetworkGetInterface to GetNetworkWithInterface
• lxd/db: Rename NetworkConfig to getNetworkConfig
• lxd/db: Rename NetworkCreate to CreateNetwork
• lxd/db: Rename NetworkUpdate to UpdateNetwork
• lxd/db: Rename NetworkConfigClear to clearNetworkConfig
• lxd/db: Rename NetworkDelete to DeleteNetwork
• lxd/db: Rename NetworkRename to RenameNetwork
• lxd/db: Rename NetworkNodeConfigKeys to NodeSpecificNetworkNodeConfig
• Merge pull request #7299 from freeekanayaka/cleanup-db-function-names-part-3
• lxd/daemon: Detect nodev and improve errors
• Merge pull request #7300 from stgraber/master
• lxd/db: Rename NodeByAddress to GetNodeByAddress
• lxd/db: Rename NodePendingByAddress to GetPendingNodeByAddress
• lxd/db: Rename NodeByName to GetNodeByName
• lxd/db: Rename NodeName to GetLocalNodeName
• lxd/db: Rename NodeAddress to GetLocalNodeAddress
• lxd/db: Rename Nodes to GetNodes
• lxd/db: Rename NodesCount to GetNodesCount
• lxd/db: Rename NodeRename to RenameNode
• lxd/db: Rename NodeAdd to CreateNode
• lxd/db: Rename NodeAddWithArch to CreateNodeWithArch
• lxd/db: Rename NodePending to SetNodePendingFlag
• lxd/db: Rename NodeUpdate to UpdateNode
• lxd/db: Rename NodeAddRole to CreateNodeRole
• lxd/db: Rename NodeRemoveRole to RemoveNodeRole
• lxd/db: Rename NodeUpdateRoles to UpdateNodeRoles
• lxd/db: Rename NodeRemove to RemoveNode
• lxd/db: Rename NodeHeartbeat to SetNodeHeartbeat
• lxd/db: Rename NodeOfflineThreshold to GetNodeOfflineThreshold
• lxd/db: Rename NodeClear to ClearNode
• lxd/db: Rename NodeWithLeastContainers to GetNodeWithLeastInstances
• lxd/db: Rename NodeUpdateVersion to SetNodeVersion
• lxd/db: Rename Operations to GetLocalOperations
• lxd/db: Rename OperationsUUIDs to GetLocalOperationsUUIDs
• lxd/db: Rename OperationNodes to GetNodesWithRunningOperations
• lxd/db: Rename OperationByUUID to GetOperationByUUID
• lxd/db: Rename OperationAdd to CreateOperation
• lxd/db: Rename OperationRemove to RemoveOperation
• lxd/db: Rename OperationFlush to removeNodeOperations
• lxd/db: Rename Patches to GetAppliedPatches
• lxd/db: Rename PatchesMarkApplied to MarkPatchAsApplied
• lxd/db: Rename Profiles to GetProfileNames
• lxd/db: Rename ProfileGet to GetProfile
• lxd/db: Rename ProfilesGet to GetProfiles
• lxd/db: Drop ProfileConfig
• lxd/db: Rename ProfileDescriptionUpdate to UpdateProfileDescription
• lxd/db: Rename ProfileConfigClear to ClearProfileConfig
• lxd/db: Rename ProfileConfigAdd to CreateProfileConfig
• lxd/db: Rename ProfileContainersGet to GetInstancesWithProfile
• lxd/db: Rename ProfileCleanupLeftover to RemoveUnreferencedProfiles
• lxd/db: Rename ProfilesExpandConfig to ExpandInstanceConfig
• lxd/db: Rename ProfilesExpandDevices to ExpandInstanceDevices
• Merge pull request #7302 from freeekanayaka/rename-db-function-names-part4
• lxd/storage/drivers/generic/vfs: Dont require access to block device when excluding root image file from rsync in genericVFSMigrateVolume
• lxd/storage/drivers/driver/zfs/volumes: Updates MigrateVolume to avoid need to premount snapshot volume
• Merge pull request #7304 from tomponline/tp-storage-zfs-migration
• ethtool: add ethtoolGset() helper
• test/suites/storage/volume/attach: Adds test for custom volume root perm persistence
• lxd/storage/drivers: Fixes custom volume root mount perm issue for BTRFS and DIR
• lxc/storage/drivers/volume: Removes keepDevice from Volume
• lxd/storage/drivers/driver/ceph/volumes: Removes keepDevice usage
• lxc/storage/drivers/driver/ceph/volumes: Mount changes
• lxd/storage/drivers/driver/ceph/volumes: UnmountVolume modifications
• lxd/storage/drivers/driver/ceph/volumes: Esnure permission on volume root set in CreateVolume
• lxd/resources: Skip NVME multipath entries
• lxd/db: Rename ProjectNames to GetProjectNames
• lxd/db: Rename ProjectMap to GetProjectIDsToNames
• lxd/db: Rename ProjectUpdate to UpdateProject
• Merge pull request #7310 from tomponline/tp-storage-customvol-chmod
• lxd/db: Rename ProjectLaunchWithoutImages to InitProjectWithoutImages
• lxd/db: Rename RaftNodes to GetRaftNodes
• lxd/db: Rename RaftNodeAddresses to GetRaftNodeAddresses
• lxd/db: Rename RaftNodeAddress to GetRaftNodeAddress
• lxd/db: Rename RaftNodeFirst to CreateFirstRaftNode
• lxd/db: Rename RaftNodeAdd to CreateRaftNode
• lxd/db: Rename RaftNodeDelete to RemoveRaftNode
• lxd/db: Rename RaftNodesReplace to ReplaceRaftNodes
• lxd/db: Rename InstanceSnapshotConfigUpdate to UpdateInstanceSnapshotConfig
• lxd/db: Rename InstanceSnapshotID to GetInstanceSnapshotID
• lxd/db: Rename StoragePoolsNodeConfig to GetStoragePoolsLocalConfig
• lxd/db: Rename StoragePoolID to GetStoragePoolID
• lxd/db: Rename StoragePoolDriver to GetStoragePoolDriver
• lxd/db: Rename StoragePoolIDsNotPending to GetNonPendingStoragePoolsNamesToIDs
• lxd/db: Rename StoragePoolNodeJoin to UpdateStoragePoolAfterNodeJoin
• lxd/db: Rename StoragePoolConfigAdd to CreateStoragePoolConfig
• lxd/db: Rename StoragePoolNodeConfigs to GetStoragePoolNodeConfigs
• lxd/db: Rename StoragePools to GetStoragePoolNames
• lxd/db: Rename StoragePoolsNotPending to GetNonPendingStoragePoolNames
• lxd/db: Rename StoragePoolsGetDrivers to GetStoragePoolDrivers
• lxd/db: Rename StoragePoolGetID to GetStoragePoolID
• lxd/db: Rename StoragePoolGet to GetStoragePool
• lxd/db: Rename StoragePoolConfigGet to getStoragePoolConfig
• lxd/db: Rename StoragePoolCreate to CreateStoragePool
• lxd/db: Rename StoragePoolUpdate to UpdateStoragePool
• Merge pull request #7314 from stgraber/master
• lxd/db: Rename StoragePoolConfigClear to clearStoragePoolConfig
• lxd/db: Rename StoragePoolDelete to RemoveStoragePool
• lxd/db: Rename StoragePoolVolumesGetNames to GetStoragePoolVolumesNames
• lxd/db: Rename StoragePoolVolumesGetAllByType to GetStoragePoolVolumesWithType
• lxd/db: Rename StoragePoolVolumesGet to GetStoragePoolVolumes
• lxd/db: Rename StoragePoolNodeVolumesGet to GetLocalStoragePoolVolumes
• lxd/db: Rename StoragePoolVolumeSnapshotsGetType to GetLocalStoragePoolVolumeSnapshotsWithType
• lxd/db: Rename StoragePoolNodeVolumesGetType to GetLocalStoragePoolVolumesWithType
• lxd/db: Rename StoragePoolNodeVolumeGetTypeByProject to GetLocalStoragePoolVolume
• lxd/db: Rename StoragePoolVolumeUpdateByProject to UpdateStoragePoolVolume
• lxd/db: Rename StoragePoolVolumeDelete to RemoveStoragePoolVolume
• lxd/db: Rename StoragePoolVolumeRename to RenameStoragePoolVolume
• lxd/db: Rename StoragePoolVolumeCreate to CreateStoragePoolVolume
• lxd/db: Rename StoragePoolNodeVolumeGetTypeIDByProject to GetStoragePoolNodeVolumeID
• lxd/db: Rename StoragePoolInsertZfsDriver to FillMissingStoragePoolDriver
• Merge pull request #7312 from tomponline/tp-storage-ceph-shrink
• Merge pull request #7315 from freeekanayaka/rename-db-function-names-part-5
• lxd/storage/zfs: Use TryUnmount
• Merge pull request #7317 from stgraber/master
• Support two-phase creation of a storage pool on single-node cluster
• Merge pull request #7325 from freeekanayaka/storage-creation-on-single-node
• lxd/storage/drivers/driver/btrfs/utils: Adds setSubvolumeReadonlyProperty function
• lxd/storag/drivers/driver/btrfs/volumes: Removes readonly argument from snapshotSubvolume
• lxd/storage/drivers/driver/btrfs: d.setSubvolumeReadonlyProperty and d.snapshotSubvolume usage
• lxd/db: Rename StoragePoolVolumeGetType to GetStoragePoolVolume
• lxd/db: Rename StoragePoolVolumeSnapshotCreate to CreateStorageVolumeSnapshot
• lxd/db: Rename StoragePoolVolumeSnapshotUpdateByProject to UpdateStoragePoolVolumeSnapshot
• lxd/db: Rename StorageVolumeSnapshotExpiryGet to GetStorageVolumeSnapshotExpiry
• lxd/db: Rename StorageVolumeSnapshotsGetExpired to GetExpiredStorageVolumeSnapshots
• resources/ethtool: implement ETHTOOL_GLINKSETTINGS
• lxd/storage/drivers/driver/btrfs/utils: Adds getSubvolumesMetaData function
• lxd/storage/drivers/driver/btrfs/volumes: Maintain subvolume readonly state in snapshot
• lxd/storage/driversr/driver/btrfs/utils: Allow ro subvolumes to be deleted in deleteSubvolume
• lxd/storag/drivers/driver/btrfs/volumes: Updates MigrateVolume to send subvolumes
• lxd/storage/drivers/driver/btrfs/volumes: Fail backup when cleanup fails in BackupVolume
• lxd/storage/drivers/driver/btrfs/volumes: Better naming of variables in unpackVolume
• lxd/migration/migrate/proto: Adds BTRFS Features to offer header
• lxd/migration/utils: Adds GetBtrfsFeaturesSlice function
• lxd/migration/migration/volumes: Adds BTRFS feature support to TypesToHeader
• lxd/migration/migration/volumes: Adds BTRFS feature support to MatchTypes
• lxd/storage/drivers/driver/btrfs: Adds BTRFS features to MigrationTypes
• lxd/storage/memorypipe: Dont make ioutil.ReadAll panic on cancel
• lxd/storage/drivers/driver/btrfs/utils: Kill btrfs send on error in sendSubvolume
• lxd/storage/drivers/driver/btrfs/utils: Support subvolumes in receiveSubvolume
• lxd/storage/drivers/driver/btrfs/utils: Adds metadataHeader function
• lxd/storage/drivers/driver/btrfs/volumes: Updates CreateVolumeFromMigration to receive subvolumes
• Merge pull request #7327 from brauner/2020-05-06/ethtool
• Merge pull request #7326 from tomponline/tp-storage-btrfs-snapshot
• lxd/db: Rename StorageVolumeNodeAddresses to GetStorageVolumeNodeAddresses
• lxd/db: Rename StorageVolumeDescriptionGet to GetStorageVolumeDescription
• lxd/db: Rename StorageVolumeNextSnapshot to GetNextStorageVolumeSnapshotIndex
• lxd/db: Rename StorageVolumeCleanupImages to RemoveStorageVolumeImages
• lxd/db: Rename StorageVolumeMoveToLVMThinPoolNameKey to UpgradeStorageVolumConfigToLVMThinPoolNameKey
• lxd/db: Update naming pattern for generated database code
• Merge pull request #7316 from tomponline/tp-storage-btrfs-subvols
• Merge pull request #7328 from freeekanayaka/rename-db-function-names-part-6
• client/lxd_images: Fix backward compatibility
• Merge pull request #7329 from stgraber/master
• lxd/storage/btrfs: Fix migration from snapshot
• Merge pull request #7330 from stgraber/master
• i18n: Update translations from weblate

試用環境 ¶

この新しい LXD リリースは私たちの デモサービス で利用できます。

ダウンロード ¶

このリリースの tarball は ダウンロードページ から取得できます。

ビルド済みバイナリーは次のように使えます:

• Linux: snap install lxd
• MacOS: brew install lxc
• Windows: choco install lxc

LXD 4.0.1 LTS リリースのお知らせ¶

21st of April 2020

はじめに ¶

LXD チームは、LXD 4.0.1 のリリースをお知らせできてとてもうれしいです!

このリリースは、2025 年 6 月までサポートされる LXD 4.0 に対する最初のバグフィックスリリースです。

バグ修正と改良点 ¶

このリリースでは、4.0.0 のリリース後に報告された多数の問題を修正しています。

主なものは次の通りです:

• resources API の調整と改良
  • NUMA ノードのコアごとの表示
  • die_id カーネル属性を使った CPU のサポート
  • system セクションで DMI インフォメーションが提供されるようになりました
• /1.0 内の環境データーに os と os_version を追加
• ディザスターリカバリー機能 lxd cluster remove-raft-node の追加
• VM とスケジュールされたスナップショットを考慮した activateifneeded の改良
• コマンドラインツールのソート順を改良し、番号付きエントリーを改良
• Ceph rbd/fs disk デバイスが実装され、仮想マシンにアタッチできるようになりました
• 3.0 未満から 4.0 へ直接アップグレードしたユーザーのデーター移行の問題をいくつか修正しました
• exec でファイルディスクリプターがリークする問題を修正しました

コミットの全リストは次の通りです（翻訳なし）:

• doc/instances: Fix escaping
• lxc/network: Updates network detach checks to use bridged network property
• lxd/network/network/utils: Updates network setting detection in IsInUse
• lxd/instance/drivers/driver/qemu: Adds host_name info to RenderState when lxd-agent is running
• lxd/networks: Fix clustered configs
• shared/api: Move NUMANode to thread
• lxd/resources: Set NUMANode on a per-thread basis
• lxc/info: Update for NUMANode on thread
• i18n: Update translation templates
• api: resources_cpu_threads_numa
• api: resources_cpu_core_die
• lxd/resources: Parse and report die_id
• lxd/storage/drivers/driver/lvm/volumes: Mount xfs snapshot with nouuid option
• lxd/storage/drivers/driver/ceph/volumes: Adds mounting logging
• lxd/instance/drivers/driver/lxc: Updates Render() to accept options arguments
• lxd/instance/drivers/driver/qemu: Updates Render() to accept options arguments
• lxd/instance/instance/interface: Updates Render() to accept options arguments
• lxd/storage/drivers/utils: Zeros btrfs transaction log in regenerateFilesystemBTRFSUUID
• lxd/storage/utils: Removes unused functions and constants
• lxd/storage/utils: Adds RenderSnapshotUsage function
• lxd/instance/snapshot: Adds storagePools.RenderSnapshotUsage to Render() in containerSnapshotsGet and snapshotGet
• lxd/instance/drivers/driver/lxc: Use storagePools.RenderSnapshotUsage in RenderFull()
• lxd/instance/drivers/driver/qemu: Use storagePools.RenderSnapshotUsage in RenderFull()
• lxd/instance/instance/utils: Removes unused WriteBackupFile
• lxd/storage/drivers/utils: Changes regenerateFilesystemUUID to use expanded arg definitions
• lxd/storage/drivers/driver/ceph/utils: Changes generateUUID to not map device
• lxd/storage/drivers/driver/ceph/volumes: d.generateUUID updated signature usage
• lxd/storage/drivers/driver/ceph/volumes: Adds BTRFS UUID regeneration to MountVolumeSnapshot
• lxd/storage/drivers/driver/zfs/volumes: Comment clarification
• lxd/storage/drivers/volume: Adds support for setting custom mount path
• lxd/storage/drivers/driver/btrfs/volumes: Create temporary snapshot in BackupVolume()
• lxd/storage/drivers/driver/btrfs/volumes: Renames container vars to instance
• lxd/storage/drivers/driver/btrfs/volumes: Consistent quoting of error message variables
• lxd/instance/drivers: Removes storagePools.RenderSnapshotUsage from RenderFull()
• lxd/storage/drivers/driver/zfs/volumes: Create temporary snapshot in BackupVolume()
• lxd/storage/backend/lxd: Checks for existance of volume before deleting
• lxd/instance: Switches to revert package for instanceCreateAsSnapshot
• lxd/storage/backend/lxd: Comment tweak
• lxd/storage/drivers/driver/ceph/volumes: Tweaks HasVolume detection
• shared/subprocess/proc: Fixes race in process stopping
• lxd/main_activateifneeded: s/container/instance/
• lxd/main_activateifneeded: Retrieve all instances
• lxd/main_activateifneeded: Check for scheduled instance snapshots
• lxd/main_activateifneeded: Check for scheduled volume snapshots
• test/suites/basic: Update activateifneeded tests
• lxd/main_activateifneeded: Use defer statement to close db
• lxd/storage/btrfs: Workaround permission issue
• lxd/cluster: add RemoveRaftNode() to force removing a raft node
• api: Add "DELETE /internal/cluster/raft/
  " endpoint
• Increase timeout when calling dqlite.Client.Add() to join the cluster
• lxd/storage/drivers/driver/zfs/volumes: Comment
• lxd/storage/drivers/driver/lvm/volumes: Always return -1/ErrNotSupported for snapshot usage
• lxd/storage/drivers/driver/dir/volumes: Always return -1/ErrNotSupported for snapshot usage
• lxd/storage/drivers/driver/zfs/volumes: Always used 'used' property for ZFS snapshot usage
• lxd/storage/drivers/driver/cephfs/volumes: Always return -1/ErrNotSupported for snapshot usage
• lxd/storage/drivers/driver/btrfs/volumes: Return -1/ErrNotSupported when no quota available
• lxd/instance: Fix typo in comment
• lxc/action: Fix typo in help message
• i18n: Update translation templates
• lxd: Add "lxd cluster remove-raft-node" recovery command
• doc: Add paragraph about "lxd cluster remove-raft-node"
• test: Add test exercising "lxd cluster remove-raft-node"
• lxd/storage/lvm: Always call vgchange on mount
• lxd/patches: Fix snapshot migration
• tests: Fix btrfs storage usage
• lxd/storage/drivers/volume: Only chmod if needed in EnsureMountPath
• lxd/storage/drivers/volume: Removes unnecessary variable
• lxd/storage/drivers/driver/zfs/volumes: Ensure volumes created from copy have correct perms
• lxd/storage/drivers: Call EnsureMountPath() in MountVolume()
• lxd/storage/drivers: Call EnsureMountPath() in MountVolumeSnapshot()
• lxd/storage/drivers/driver/btrfs/volumes: Adds revert to CreateVolume
• lxd/storage/drivers/driver/btrfs/volumes: Comment in CreateVolumeFromCopy
• lxd/storage/drivers/driver/lvm/utils: EnsureMountPath after copying thin volume
• lxd/storage/drivers/driver/cephfs/volumes: typo
• lxd/storage/drivers/driver/cephfs/volumes: Calls vol.EnsureMountPath after filling
• lxd/storage/drivers/driver/ceph/volumes: Calls EnsureMountPath to fix perms after copying volume
• lxd/storage/drivers/driver/lvm/volumes: Fixes temporary snapshot volume cleanup for VMs
• lxd/storagr/drivers/driver/ceph/volumes: Adds support for snapshot usage reporting
• lxd/storage/drivers/driver/lvm/volumes: Clarifies comments on LVM volume usage reporting
• shared/osarch: Coding style
• shared/osarch: Don't fail on missing os-release
• shared/api: Add OS information
• lxd/api: Add OS information
• api: Add api_os
• lxc: Use natural string sorting
• lxc: Group snapshot and parent
• lxd/main: Move forkzfs mntns to cgo
• doc/networks: Adds note about firewalld and DHCP/DNS
• lxd/device/nic/routed: Improves validation of sysctl settings when using vlan option
• lxd/device/nic/routed: Corrects misleading error message when setting sysctls
• lxd/storage/drivers/generic/vfs: Log when creating snapshots
• lxd/storage/drivers/driver/zfs/volumes: Fix migrating VM block volumes in MigrateVolume
• lxd/storage/memorypipe: Adds context support for cancellation
• lxd/storage/backend/lxd: memorypipe cancellation usage
• lxd/device/nic/sriov: Updates networkGetVirtFuncInfo to use json output from ip tool
• doc: Add missing os_api extension
• lxd/storage/drivers/driver/dir/utils: Removes default project quota
• forkexec: mark fd cloexec so the attaching process doesn't inherit it
• forkexec: close all inherited fds
• forkexec: log unexpected fds
• lxd/daemon: Ignore .zfs in volumes
• lxd/network: Push MTU over DHCP
• shared/api: Drop invalid Managed key in NetworksPost
• lxd: Drop invalid use of Managed property
• lxd/devices/disk: Prevent recursive & readonly
• lxc/instance/drivers: Set new name before renaming backups
• test: Extend backup rename
• lxd/instance/drivers: Add revert steps when renaming instance
• lxd/instance/drivers/driver/qemu: Allow up to 8 NIC devices
• lxd/instance/drivers/driver/qemu/templates: Note that lxd_ disk device name prefix should not be changed
• doc/instances: Clarify config conditions
• doc/index: Clarify bind-mount in FAQ
• lxd/instances: Better use userRequested on Update
• lxd/device/nic/routed: Fix sysctl command suggestion when using vlans
• lxd/device/nic/ipvlan: Improve validation of sysctl settings when vlan setting used
• test/clustering: increase timing to detect offline node
• shared/version/api: Add resources_system API extension
• doc/api-extensions: Add resources_system
• shared/api/resource: Add system resources
• lxd/resources: Add new system resources
• lxd/resources: Retrieve system information
• shared/util: Never look into the snap
• lxd/resources: serial/uuid may not be accessible
• doc/instances: Fixes default ceph.cluster_name value
• lxd/device/disk: Adds support to use ceph: prefix for disk source for VMs
• firewalld & lxd : how to let Firewalld control the LXD's iptables rules this is related to https://github.com/lxc/lxd/pull/7195 but this a bit more generic
• Update networks.md
• doc/networks: Fix typo
• i18n: Update translations from weblate
• Update networks.md
• lxd/storage/ceph: Suppport alternate conf syntax
• lxd/init: Try to bind LXD network address when running interactively
• lxd/instance/drivers/driver/qemu/templates: Use static PCIe address prefix for 9p devices
• lxd/instance/drivers/drivers/qemu: Adds support for 9p disk device PCIe indexes
• lxd/device/nic/bridged: Dont load br_netfilter
• doc/instances: Fix swapped description
• index.md: add PATH env variable to sudo command example
• shared/simplestreams: Fix VM image preference
• lxd/devoce/device/utils/disk: Comment on diskCephfsOptions
• lxd/device/disk: Adds cephfs support for VMs
• lxd/device/proxy: Check for br_netfilter enabled and log warning if not
• lxd/firewall/drivers/driver/xtables: Adds MASQUERADE hairpin proxy NAT rule
• lxd/firewall/drivers/drivers/xtables: comments
• lxd/device/proxy: Sets bridge port hairpin mode on when br_netfilter loaded
• lxd/firewall/drivers/drivers/xtables: Renames toDest to connectDest
• lxd/firewall/drivers/drivers/nftables: Renames toDest to connectDest
• lxd/init: Improve error messages when failing to bind an address
• lxd/firewall/drivers/drivers/nftables: Adds MASQUERADE hairpin proxy NAT rule
• test/suites/container/devices/proxy: Updates tests for checking hairpin rule
• lxd/instance/drivers/driver/qemu: Wait for onStop when restarting
• lxd/instance/drivers/driver/qemu: Makes onStop unexported
• lxd/instance/drivers/driver/qemu: Comment
• lxd/instance/lxc: Don't crash in setNetworkPriority
• lxd/instances: Export type to templates
• lxd-agent: Reboot after cloud-init seed
• lxd/util: Tweak NetworkInterfaceAddress to only return global
• lxd/net/util: Updates comment on NetworkInterfaceAddress behaviour change
• shared/usbid: Use system database

試用環境 ¶

この新しい LXD リリースは私たちの デモサービス で利用できます。

ダウンロード ¶

このリリースの tarball は ダウンロードページ から取得できます。

ビルド済みバイナリーは次のように使えます:

• Linux: snap install lxd
• MacOS: brew install lxc
• Windows: choco install lxc

LXD 4.0 LTS リリースのお知らせ¶

31st of March 2020

はじめに ¶

LXD チームは、LXD 4.0 LTS のリリースをお知らせすることにとてもワクワクしています!

これは LXD の 3 つめの LTS リリースです。とても忙しく、そしてエキサイティングです! あとの ChangeLog は、LXD 3.23 ユーザーと 3.0 ユーザーの両方が私たちが準備したものを見れるように分けています。

私たちの他の LTS リリースと同様に、このリリースも 5 年間（2025 年 6 月まで）サポートされます。その間に多数のバグフィックスとセキュリティのポイントリリースが行われます。

LXD 3.0 に関しては、残り 3 年間のセキュリティ fix のみのメンテナンスモードに入る前の近いうちに、最後のバグフィックスリリースを 3.0.5 としてリリースしたいと思っています。

Enjoy!

互換性のない変更 ¶

--container-only の削除と、--instance-only への置き換え ¶

このリリースでの CLI の互換性のない変更は --container-only を --instance-only に置き換えるものだけです。フィーチャーリリースでは数ヶ月の間は両方をサポートします。4.0 リリースでは、非推奨の機能は削除されます。

3.23 ユーザー向けのハイライト ¶

virtual machines: バックアップサポート（import/export）¶

lxc export と lxc import が仮想マシンで使えるようになりました。

しかし、注意点があります。仮想マシンはコンテナとは異なり、大きなブロックデバイスとしてしかアクセスできません。これは、VM 内で実際にどれだけの容量が使われていたとしても、数 GB のデーターを読み込み圧縮する必要があるということです。

つまりエクスポートもインポートも長い時間がかかる可能性があるということです。

ZFS のようなバックエンドで --optimized オプションを使うと、同じタイプのストレージプールにインポートするなら、エクスポートの時間を大幅に短縮できるでしょう。

resources: リソース API の PCI、USB デバイス ¶

リソース API（/1.0/resources）が拡張され、システム上の PCI、USB デバイスが表示されるようになりました。これは特に、仮想マシンで VFIO パススルーや、コンテナで USB デバイスを扱う場合に有用です。

stgraber@castiana:~$ lxc query /1.0/resources | jq .pci
{
  "devices": [
    {
      "driver": "skl_uncore",
      "driver_version": "5.4.0-18-generic",
      "numa_node": 0,
      "pci_address": "0000:00:00.0",
      "product": "Xeon E3-1200 v6/7th Gen Core Processor Host Bridge/DRAM Registers",
      "product_id": "5904",
      "vendor": "Intel Corporation",
      "vendor_id": "8086"
    },
    {
      "driver": "i915",
      "driver_version": "5.4.0-18-generic",
      "numa_node": 0,
      "pci_address": "0000:00:02.0",
      "product": "HD Graphics 620",
      "product_id": "5916",
      "vendor": "Intel Corporation",
      "vendor_id": "8086"
    },
    {
      "driver": "",
      "driver_version": "",
      "numa_node": 0,
      "pci_address": "0000:00:08.0",
      "product": "Xeon E3-1200 v5/v6 / E3-1500 v5 / 6th/7th/8th Gen Core Processor Gaussian Mixture Model",
      "product_id": "1911",
      "vendor": "Intel Corporation",
      "vendor_id": "8086"
    },
    {
      "driver": "xhci_hcd",
      "driver_version": "5.4.0-18-generic",
      "numa_node": 0,
      "pci_address": "0000:00:14.0",
      "product": "Sunrise Point-LP USB 3.0 xHCI Controller",
      "product_id": "9d2f",
      "vendor": "Intel Corporation",
      "vendor_id": "8086"
    },
    {
      "driver": "intel_pch_thermal",
      "driver_version": "5.4.0-18-generic",
      "numa_node": 0,
      "pci_address": "0000:00:14.2",
      "product": "Sunrise Point-LP Thermal subsystem",
      "product_id": "9d31",
      "vendor": "Intel Corporation",
      "vendor_id": "8086"
    },
    {
      "driver": "mei_me",
      "driver_version": "5.4.0-18-generic",
      "numa_node": 0,
      "pci_address": "0000:00:16.0",
      "product": "Sunrise Point-LP CSME HECI #1",
      "product_id": "9d3a",
      "vendor": "Intel Corporation",
      "vendor_id": "8086"
    },
    {
      "driver": "pcieport",
      "driver_version": "5.4.0-18-generic",
      "numa_node": 0,
      "pci_address": "0000:00:1c.0",
      "product": "Sunrise Point-LP PCI Express Root Port #1",
      "product_id": "9d10",
      "vendor": "Intel Corporation",
      "vendor_id": "8086"
    },
    {
      "driver": "pcieport",
      "driver_version": "5.4.0-18-generic",
      "numa_node": 0,
      "pci_address": "0000:00:1c.2",
      "product": "Sunrise Point-LP PCI Express Root Port #3",
      "product_id": "9d12",
      "vendor": "Intel Corporation",
      "vendor_id": "8086"
    },
    {
      "driver": "pcieport",
      "driver_version": "5.4.0-18-generic",
      "numa_node": 0,
      "pci_address": "0000:00:1c.4",
      "product": "Sunrise Point-LP PCI Express Root Port #5",
      "product_id": "9d14",
      "vendor": "Intel Corporation",
      "vendor_id": "8086"
    },
    {
      "driver": "pcieport",
      "driver_version": "5.4.0-18-generic",
      "numa_node": 0,
      "pci_address": "0000:00:1d.0",
      "product": "Sunrise Point-LP PCI Express Root Port #9",
      "product_id": "9d18",
      "vendor": "Intel Corporation",
      "vendor_id": "8086"
    },
    {
      "driver": "",
      "driver_version": "",
      "numa_node": 0,
      "pci_address": "0000:00:1f.0",
      "product": "Sunrise Point LPC Controller/eSPI Controller",
      "product_id": "9d4e",
      "vendor": "Intel Corporation",
      "vendor_id": "8086"
    },
    {
      "driver": "",
      "driver_version": "",
      "numa_node": 0,
      "pci_address": "0000:00:1f.2",
      "product": "Sunrise Point-LP PMC",
      "product_id": "9d21",
      "vendor": "Intel Corporation",
      "vendor_id": "8086"
    },
    {
      "driver": "snd_hda_intel",
      "driver_version": "5.4.0-18-generic",
      "numa_node": 0,
      "pci_address": "0000:00:1f.3",
      "product": "Sunrise Point-LP HD Audio",
      "product_id": "9d71",
      "vendor": "Intel Corporation",
      "vendor_id": "8086"
    },
    {
      "driver": "i801_smbus",
      "driver_version": "5.4.0-18-generic",
      "numa_node": 0,
      "pci_address": "0000:00:1f.4",
      "product": "Sunrise Point-LP SMBus",
      "product_id": "9d23",
      "vendor": "Intel Corporation",
      "vendor_id": "8086"
    },
    {
      "driver": "e1000e",
      "driver_version": "3.2.6-k",
      "numa_node": 0,
      "pci_address": "0000:00:1f.6",
      "product": "Ethernet Connection (4) I219-LM",
      "product_id": "15d7",
      "vendor": "Intel Corporation",
      "vendor_id": "8086"
    },
    {
      "driver": "rtsx_pci",
      "driver_version": "5.4.0-18-generic",
      "numa_node": 0,
      "pci_address": "0000:02:00.0",
      "product": "RTS525A PCI Express Card Reader",
      "product_id": "525a",
      "vendor": "Realtek Semiconductor Co., Ltd.",
      "vendor_id": "10ec"
    },
    {
      "driver": "iwlwifi",
      "driver_version": "5.4.0-18-generic",
      "numa_node": 0,
      "pci_address": "0000:04:00.0",
      "product": "Wireless 8265 / 8275",
      "product_id": "24fd",
      "vendor": "Intel Corporation",
      "vendor_id": "8086"
    },
    {
      "driver": "nvme",
      "driver_version": "1.0",
      "numa_node": 0,
      "pci_address": "0000:05:00.0",
      "product": "SSD 600P Series",
      "product_id": "f1a5",
      "vendor": "Intel Corporation",
      "vendor_id": "8086"
    },
    {
      "driver": "pcieport",
      "driver_version": "5.4.0-18-generic",
      "numa_node": 0,
      "pci_address": "0000:06:00.0",
      "product": "JHL6540 Thunderbolt 3 Bridge (C step) [Alpine Ridge 4C 2016]",
      "product_id": "15d3",
      "vendor": "Intel Corporation",
      "vendor_id": "8086"
    },
    {
      "driver": "pcieport",
      "driver_version": "5.4.0-18-generic",
      "numa_node": 0,
      "pci_address": "0000:07:00.0",
      "product": "JHL6540 Thunderbolt 3 Bridge (C step) [Alpine Ridge 4C 2016]",
      "product_id": "15d3",
      "vendor": "Intel Corporation",
      "vendor_id": "8086"
    },
    {
      "driver": "pcieport",
      "driver_version": "5.4.0-18-generic",
      "numa_node": 0,
      "pci_address": "0000:07:01.0",
      "product": "JHL6540 Thunderbolt 3 Bridge (C step) [Alpine Ridge 4C 2016]",
      "product_id": "15d3",
      "vendor": "Intel Corporation",
      "vendor_id": "8086"
    },
    {
      "driver": "pcieport",
      "driver_version": "5.4.0-18-generic",
      "numa_node": 0,
      "pci_address": "0000:07:02.0",
      "product": "JHL6540 Thunderbolt 3 Bridge (C step) [Alpine Ridge 4C 2016]",
      "product_id": "15d3",
      "vendor": "Intel Corporation",
      "vendor_id": "8086"
    },
    {
      "driver": "pcieport",
      "driver_version": "5.4.0-18-generic",
      "numa_node": 0,
      "pci_address": "0000:07:04.0",
      "product": "JHL6540 Thunderbolt 3 Bridge (C step) [Alpine Ridge 4C 2016]",
      "product_id": "15d3",
      "vendor": "Intel Corporation",
      "vendor_id": "8086"
    },
    {
      "driver": "thunderbolt",
      "driver_version": "5.4.0-18-generic",
      "numa_node": 0,
      "pci_address": "0000:08:00.0",
      "product": "JHL6540 Thunderbolt 3 NHI (C step) [Alpine Ridge 4C 2016]",
      "product_id": "15d2",
      "vendor": "Intel Corporation",
      "vendor_id": "8086"
    },
    {
      "driver": "pcieport",
      "driver_version": "5.4.0-18-generic",
      "numa_node": 0,
      "pci_address": "0000:09:00.0",
      "product": "JHL6540 Thunderbolt 3 Bridge (C step) [Alpine Ridge 4C 2016]",
      "product_id": "15d3",
      "vendor": "Intel Corporation",
      "vendor_id": "8086"
    },
    {
      "driver": "pcieport",
      "driver_version": "5.4.0-18-generic",
      "numa_node": 0,
      "pci_address": "0000:0a:00.0",
      "product": "JHL6540 Thunderbolt 3 Bridge (C step) [Alpine Ridge 4C 2016]",
      "product_id": "15d3",
      "vendor": "Intel Corporation",
      "vendor_id": "8086"
    },
    {
      "driver": "pcieport",
      "driver_version": "5.4.0-18-generic",
      "numa_node": 0,
      "pci_address": "0000:0a:01.0",
      "product": "JHL6540 Thunderbolt 3 Bridge (C step) [Alpine Ridge 4C 2016]",
      "product_id": "15d3",
      "vendor": "Intel Corporation",
      "vendor_id": "8086"
    },
    {
      "driver": "pcieport",
      "driver_version": "5.4.0-18-generic",
      "numa_node": 0,
      "pci_address": "0000:0a:02.0",
      "product": "JHL6540 Thunderbolt 3 Bridge (C step) [Alpine Ridge 4C 2016]",
      "product_id": "15d3",
      "vendor": "Intel Corporation",
      "vendor_id": "8086"
    },
    {
      "driver": "pcieport",
      "driver_version": "5.4.0-18-generic",
      "numa_node": 0,
      "pci_address": "0000:0a:04.0",
      "product": "JHL6540 Thunderbolt 3 Bridge (C step) [Alpine Ridge 4C 2016]",
      "product_id": "15d3",
      "vendor": "Intel Corporation",
      "vendor_id": "8086"
    },
    {
      "driver": "ahci",
      "driver_version": "3.0",
      "numa_node": 0,
      "pci_address": "0000:0b:00.0",
      "product": "",
      "product_id": "0622",
      "vendor": "ASMedia Technology Inc.",
      "vendor_id": "1b21"
    },
    {
      "driver": "xhci_hcd",
      "driver_version": "5.4.0-18-generic",
      "numa_node": 0,
      "pci_address": "0000:0c:00.0",
      "product": "FL1100 USB 3.0 Host Controller",
      "product_id": "1100",
      "vendor": "Fresco Logic",
      "vendor_id": "1b73"
    },
    {
      "driver": "atlantic",
      "driver_version": "5.4.0-18-generic-kern",
      "numa_node": 0,
      "pci_address": "0000:0d:00.0",
      "product": "AQC107 NBase-T/IEEE 802.3bz Ethernet Controller [AQtion]",
      "product_id": "87b1",
      "vendor": "Aquantia Corp.",
      "vendor_id": "1d6a"
    }
  ],
  "total": 32
}

stgraber@castiana:~$ lxc query /1.0/resources | jq .usb
{
  "devices": [
    {
      "bus_address": 1,
      "device_address": 4,
      "interfaces": [
        {
          "class": "Wireless",
          "class_id": 224,
          "driver": "btusb",
          "driver_version": "0.8",
          "number": 0,
          "subclass": "Radio Frequency",
          "subclass_id": 1
        },
        {
          "class": "Wireless",
          "class_id": 224,
          "driver": "btusb",
          "driver_version": "0.8",
          "number": 1,
          "subclass": "Radio Frequency",
          "subclass_id": 1
        }
      ],
      "product": "",
      "product_id": "0a2b",
      "speed": 12,
      "vendor": "Intel Corp.",
      "vendor_id": "8087"
    },
    {
      "bus_address": 1,
      "device_address": 3,
      "interfaces": [
        {
          "class": "Video",
          "class_id": 14,
          "driver": "uvcvideo",
          "driver_version": "1.1.1",
          "number": 0,
          "subclass": "Video Control",
          "subclass_id": 1
        },
        {
          "class": "Video",
          "class_id": 14,
          "driver": "uvcvideo",
          "driver_version": "1.1.1",
          "number": 1,
          "subclass": "Video Streaming",
          "subclass_id": 2
        }
      ],
      "product": "Integrated Camera",
      "product_id": "b5ce",
      "speed": 480,
      "vendor": "Chicony Electronics Co., Ltd",
      "vendor_id": "04f2"
    },
    {
      "bus_address": 3,
      "device_address": 2,
      "interfaces": [
        {
          "class": "Audio",
          "class_id": 1,
          "driver": "snd-usb-audio",
          "driver_version": "5.4.0-18-generic",
          "number": 0,
          "subclass": "Control Device",
          "subclass_id": 1
        },
        {
          "class": "Audio",
          "class_id": 1,
          "driver": "snd-usb-audio",
          "driver_version": "5.4.0-18-generic",
          "number": 1,
          "subclass": "Streaming",
          "subclass_id": 2
        },
        {
          "class": "Audio",
          "class_id": 1,
          "driver": "snd-usb-audio",
          "driver_version": "5.4.0-18-generic",
          "number": 2,
          "subclass": "Streaming",
          "subclass_id": 2
        },
        {
          "class": "Human Interface Device",
          "class_id": 3,
          "driver": "usbhid",
          "driver_version": "5.4.0-18-generic",
          "number": 3,
          "subclass": "",
          "subclass_id": 0
        }
      ],
      "product": "TX42C500",
      "product_id": "4933",
      "speed": 12,
      "vendor": "Realtek Semiconductor Corp.",
      "vendor_id": "0bda"
    },
    {
      "bus_address": 3,
      "device_address": 13,
      "interfaces": [
        {
          "class": "Video",
          "class_id": 14,
          "driver": "uvcvideo",
          "driver_version": "1.1.1",
          "number": 0,
          "subclass": "Video Control",
          "subclass_id": 1
        },
        {
          "class": "Video",
          "class_id": 14,
          "driver": "uvcvideo",
          "driver_version": "1.1.1",
          "number": 1,
          "subclass": "Video Streaming",
          "subclass_id": 2
        },
        {
          "class": "Audio",
          "class_id": 1,
          "driver": "snd-usb-audio",
          "driver_version": "5.4.0-18-generic",
          "number": 2,
          "subclass": "Control Device",
          "subclass_id": 1
        },
        {
          "class": "Audio",
          "class_id": 1,
          "driver": "snd-usb-audio",
          "driver_version": "5.4.0-18-generic",
          "number": 3,
          "subclass": "Streaming",
          "subclass_id": 2
        }
      ],
      "product": "HD Pro Webcam C920",
      "product_id": "082d",
      "speed": 480,
      "vendor": "Logitech, Inc.",
      "vendor_id": "046d"
    },
    {
      "bus_address": 3,
      "device_address": 16,
      "interfaces": [
        {
          "class": "Human Interface Device",
          "class_id": 3,
          "driver": "usbhid",
          "driver_version": "5.4.0-18-generic",
          "number": 0,
          "subclass": "",
          "subclass_id": 0
        },
        {
          "class": "Chip/SmartCard",
          "class_id": 11,
          "driver": "usbfs",
          "driver_version": "5.4.0-18-generic",
          "number": 1,
          "subclass": "",
          "subclass_id": 0
        }
      ],
      "product": "YubiKey FIDO+CCID",
      "product_id": "0406",
      "speed": 12,
      "vendor": "Yubico.com",
      "vendor_id": "1050"
    },
    {
      "bus_address": 3,
      "device_address": 17,
      "interfaces": [
        {
          "class": "Human Interface Device",
          "class_id": 3,
          "driver": "usbhid",
          "driver_version": "5.4.0-18-generic",
          "number": 0,
          "subclass": "Boot Interface Subclass",
          "subclass_id": 1
        },
        {
          "class": "Human Interface Device",
          "class_id": 3,
          "driver": "usbhid",
          "driver_version": "5.4.0-18-generic",
          "number": 1,
          "subclass": "Boot Interface Subclass",
          "subclass_id": 1
        }
      ],
      "product": "ThinkPad Compact USB Keyboard with TrackPoint",
      "product_id": "6047",
      "speed": 12,
      "vendor": "Lenovo",
      "vendor_id": "17ef"
    }
  ],
  "total": 6
}

network: 複数の ipvlan NIC デバイスのサポート ¶

複数の ipvlan デバイスの ipv4.gateway と ipv6.gateway の両方もしくは片方が none に設定されている場合、複数の ipvlan デバイスを同じコンテナに追加できるようになりました。

network: routed NIC のホスト側アドレス設定のサポート ¶

routed NIC のホスト側のアドレスは ipv4.host_address と ipv6.host_address プロパティで設定できるようになりました。

clustering: クラスターロール編集のサポート ¶

新たに lxc cluster edit コマンドでクラスターのロールを編集できるようになりました。

現時点では書き込みできるロールがないので意味がないのですが、近いうちにいくつかロールを追加し、API とコマンドで管理できるようになるにする予定です。

instances: カスタムボリュームのディスク使用量 ¶

カスタムボリュームをアタッチしているコンテナが、state API （と lxc info）経由でボリュームの使用量をレポートするようになりました。

stgraber@castiana:~$ lxc launch images:ubuntu/bionic c1
Creating c1
Starting c1

stgraber@castiana:~$ lxc storage volume create default vol1
Storage volume vol1 created
stgraber@castiana:~$ lxc storage volume create default vol2
Storage volume vol2 created

stgraber@castiana:~$ lxc storage volume attach default vol1 c1 vol1 /mnt/vol1
stgraber@castiana:~$ lxc storage volume attach default vol2 c1 vol2 /mnt/vol2

stgraber@castiana:~$ lxc info c1
Name: c1
Location: none
Remote: unix://
Architecture: x86_64
Created: 2020/04/01 00:00 UTC
Status: Running
Type: container
Profiles: default
Pid: 1439012
Ips:
  eth0: inet    10.166.11.66    veth12c5ea18
  eth0: inet6   fd42:4c81:5770:1eaf:216:3eff:fee2:43b6  veth12c5ea18
  eth0: inet6   fe80::216:3eff:fee2:43b6    veth12c5ea18
  lo:   inet    127.0.0.1
  lo:   inet6   ::1
Resources:
  Processes: 14
  Disk usage:
    root: 1.11MB
    vol1: 98.30kB
    vol2: 98.30kB
  CPU usage:
    CPU usage (in seconds): 0
  Memory usage:
    Memory (current): 46.94MB
  Network usage:
    eth0:
      Bytes received: 3.06kB
      Bytes sent: 2.93kB
      Packets received: 22
      Packets sent: 28
    lo:
      Bytes received: 0B
      Bytes sent: 0B
      Packets received: 0
      Packets sent: 0

instances: スナップショットのディスク使用量 ¶

API でスナップショットごとのそれぞれのサイズを取得できるようになりました。

stgraber@castiana:~$ lxc snapshot c1
stgraber@castiana:~$ lxc query /1.0/instances/c1/snapshots/snap0 | jq .size
61440

これは再設計が済むとすぐに lxc info で表示されるようになるでしょう。

auth: パスワード不要の PKI モードのサポート ¶

管理された PKI を使って LXD を使う場合、その CA が署名したクライアント証明書であれば自動的に信頼するように LXD を設定できるようになりました。

これは core.trust_ca_certificates で設定します。

revoke を扱うため、server.ca と同時に設定する server.crl を CRL として受け入れます。

3.0 ユーザー向けのハイライト ¶

上記の機能と変更点に加えて、LXD 3.0 ブランチのユーザーは、以下の「新しい」機能が期待できるでしょう:

仮想マシン ¶

LXD はコンテナと仮想マシンの両方を実行できるようになりました。

デバイスや設定オプションによっては仮想マシンではまだ設定できないものがありますが、使い方や設定方法は同じように動作します。

操作によっては仮想マシン内で動作するエージェントが実行します（lxc exec と lxc file）。プロジェクトで作成したイメージのほとんどはエージェントがあらかじめインストールされています。

コンテナではなく仮想マシンを作成するのであれば、シンプルに lxc launch に --vm オプションを指定します。

VM イメージは主要なよく使われる Linux ディストリビューションのものが準備されており、将来的にも更に追加する予定です。

stgraber@castiana:~$ lxc launch images:centos/8 centos-8 --vm
Creating centos-8
Starting centos-8

stgraber@castiana:~$ lxc info centos-8
Name: centos-8
Location: none
Remote: unix://
Architecture: x86_64
Created: 2020/03/31 23:48 UTC
Status: Running
Type: virtual-machine
Profiles: default
Pid: 1426453
Ips:
  enp5s0:   inet    10.166.11.125
  enp5s0:   inet6   fd42:4c81:5770:1eaf:1c5b:d0a1:d892:5464
  enp5s0:   inet6   fe80::9bbf:7460:2ad0:6a9
  lo:   inet    127.0.0.1
  lo:   inet6   ::1
Resources:
  Processes: 12
  Disk usage:
    root: 6.65MB
  CPU usage:
    CPU usage (in seconds): 5
  Memory usage:
    Memory (current): 123.94MB
    Memory (peak): 115.95MB
  Network usage:
    enp5s0:
      Bytes received: 2.55kB
      Bytes sent: 2.32kB
      Packets received: 21
      Packets sent: 20
    lo:
      Bytes received: 0B
      Bytes sent: 0B
      Packets received: 0
      Packets sent: 0

stgraber@castiana:~$ lxc exec centos-8 bash
[root@centos-8 ~]# cat /etc/redhat-release 
CentOS Linux release 8.1.1911 (Core) 
[root@centos-8 ~]# uname -a
Linux centos-8 4.18.0-147.5.1.el8_1.centos.plus.x86_64 #1 SMP Thu Feb 6 10:31:58 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
[root@centos-8 ~]#

プロジェクト ¶

プロジェクトは LXD サーバーを分割する方法です。 プロジェクトはそれぞれ自身のインスタンス、イメージ、プロファイル、ストレージボリュームを持つことができます。

これらのさまざまな機能はプロジェクトごとに有効化・無効化できます。無効にした場合、プロジェクトは default プロジェクトから継承します。

これに加え、プロジェクトは制約（restriction / 特定のデバイスタイプや特権コンテナの無効化など）と制限（limit / CPU、メモリー、インスタンス数の制限）をサポートしています。

インスタンス ¶

• コンテナ上でのシステムコールインターセプション
• 限られた mknod がコンテナ内で可能
• 限られた setxattr がコンテナ内で可能
• 特権が必要なファイルシステムのマウントを許可するために使用可能
• 一部のファイルシステムマウントを FUSE にリダイレクトするために使用可能
• バックアップ・リストア機能の追加（lxc export と lxc import）
• ストレージプール間のインスタンスのコピー・移動
• lxc copy --refresh を使った（ローカル、リモートの）インスタンスコピーのリフレッシュ（訳注: 差分コピー）
• 予想外の削除や id シフトからの保護（security.protection.delete と security.protection.shift）
• shiftfs のサポート追加。可能な場合には shiftfs を使用し従来の id シフトを置き換える
• 自動化されたスナップショットと expire
• 新しい unix-hotplug デバイスタイプ（unix-char や unix-block と同様のもの）
• usb デバイスの改良:
• 追加・削除の uevent がコンテナに転送されるようになりました
• すべての USB デバイスを渡すことができます
• proxy デバイスの改良:
• 特権を落とすオプション（security.uid and security.gid）
• ソケットの所有権のオプション（uid, gid, mode）
• HAProxy タイプヘッダーのサポート（proxy_protocol）
• 使用可能な場合 NAT を使った高速なプロキシー（nat）
• UDP、UNIX ソケットのサポート。UDP、TCP を使っている場合のポートの範囲
• disk デバイスの改良:
• Ceph rbd/fs ディスクの直接コンテナへのアタッチ
• カスタムのマウントオプション
• コンテナが読めるものへの uid/gid の変換のための shift プロパティ　
• nic デバイスの改良:
• 新しい ipvlan nic タイプ
• 新しい routed nic タイプ
• ipv4.routes と ipv6.routes プロパティ
• 簡単に LXD が管理するネットワークに接続するための network プロパティ
• セキュリティフィルタリングオプション
• SR-IOV デバイスでの VLAN と MAC フィルタリング

ネットワーク ¶

• 設定可能な NAT ソースアドレス（ipv4.nat.address and ipv6.nat.address）
• DHCP リース API と lxc network list-leases コマンド
• ネットワーク状態に関する API と lxc network info コマンド
• LXD が管理するネットワークでの設定可能な MAC アドレス（bridge.hwaddr）
• ファイアウォールのルール順がコントロール可能に（ipv4.nat.order and ipv6.nat.order）

ストレージ ¶

• スクラッチから書き直した新しい内部ストレージレイヤー
• 新しい cephfs ストレージバックエンド
• バックアップとイメージをストレージプール内に保存可能に
• カスタムストレージボリュームのスナップショット（スケジューリングと expire 処理を含む）
• LVM ストライピングサポート
• Ceph でメタデータとデータプールの分離
• dir バックエンドで ext4/xfs の "project quotas" 機能を使ったクォータ
• カスタムストレージボリュームの security.shifted プロパティ

イメージ ¶

• ネストした LXD でホストからイメージを取得するための API（security.devlxd.images）
• 新たに作成するイメージで squashfs 圧縮のサポート
• プロファイルをイメージに結びつけることが可能に
• イメージの expire 時期を変更できるように

クラスターの改良 ¶

• スタンバイデータベースノードのサポート
• データベース数とスタンバイノードの数が設定可能
• アーキテクチャー混在のクラスターリング
• クラスターリングのロール
• 新たな簡素化されたクラスター追加 API
• クライアントとクラスター用トラフィックのアドレスの分離
• 自動イメージレプリケーション

CLI¶

• lxc list と lxc image list の新しいカラム
• 新たに lxc alias コマンドを追加
• list コマンド全体を通して --format オプションをサポート
• すべての set コマンドで複数の key=value を受け付けるように
• exec コマンドが --uid と --gid と --cwd オプションを受け付けるように
• lxc copy と lxc move での設定の上書き
• クラスターリングに対してより多くのコマンドでの --target サポート

将来的な保証 ¶

• xtables の代替として nftables をサポート
• cgroup v2 を使った制限のサポート

API¶

• Canonical RBAC 経由の RBAC (Role Based Access Control) サポート
• デフォルトの TLS キーの EC384 化
• /1.0/containers の置き換えとして /1.0/instances エンドポイントの新設
• /1.0/instances と /1.0/images でのサーバーサイドのコレクションフィルタリングを追加
• /1.0/resources でのより広範囲のリソース API
• カーネルの機能が /1.0 で取得可能に
• LXC の機能が /1.0 で取得可能に
• core.debug_address 経由でのビルトインデバッグサーバー（pprof）設定
• 高需要エンドポイントでのバルククエリー（再帰）オプションの追加
• クラスター環境内のイベントとオペレーションが Location フィールドを持つように

完全な ChangeLog（翻訳なし） ¶

Here is a complete list of all changes in this release:

• shared/version/api: Add trust_ca_certificates
• doc: Add core.trust_ca_certificates
• lxd/cluster/config: Add core.trust_ca_certificates
• *: Add parameters to CheckTrustState
• shared/cert: Add CRL to CertInfo
• lxd/util/http: Check CRL for revoked clients
• test: Extend PKI test
• lxd/etag: Quote generated etag values
• lxd/apparmor: Apparently the order matters
• shared/version/api: Add snapshot_disk_usage API extension
• doc: Add snapshot_disk_usage
• lxd/storage/drivers/btrfs: Fix quota
• lxd/backup: Removes Privileged field from backup.Info struct
• lxd/backup: Adds new fields in index.yaml
• lxd/instances/post: bInfo.OptimizedStorage pointer usage
• lxd/storage/backend/lxd: CreateInstanceFromBackup OptimizedStorage pointer usage
• lxd/backup: Updates backupWriteIndex index.yaml fields
• lxd/backup: Removes Project field from index.yaml
• test/suites/storage: Add btrfs quota tests
• shared/api: Add size to InstanceSnapshot
• lxd/instance/drivers: Get snapshot usage
• lxd/storage/drivers/btrfs: Don't destroy qgroups
• lxd/storage/drivers: Moves functions from generic.go to generic_vfs.go
• lxd/storage/drivers: Generic VFS function usage after move &rename
• lxd/instance/drivers: Add custom volumes to disk state
• lxd/instance/drivers: Fix lxd-agent running order
• lxc: Deprecate --container-only
• i18n: Update translation templates
• tests: Move away from container-only
• lxc: Drop flagContainerOnly
• lxd/storage/zfs: Fix deleted VM images restoration
• lxc/storage/drivers/driver/btrfs/volumes: CreateVolumeFromBackup to use tar reader for optimized volume restore
• lxc/storage/drivers/driver/zfs/volumes: CreateVolumeFromBackup to use tar reader for optimized volume restore
• shared/archive: Adds CompressedTarReader function
• lxd/backup/backup: shared.CompressedTarReader usage
• test/suites/static/analysis: Reinstates checks for shared/instancewriter
• lxd/instance/post: InstanceID usage
• lxd/db/containers: Renames ContainerID to InstanceID
• lxd/instances/post: Logging in createFromBackup
• lxd/instances/post: Logging message change from container to instance
• lxd/instances/post: Switches to revert package in createFromBackup
• lxd: Merges instanceCreateFromBackup into createFromBackup
• lxd/storage/drivers/utils: Adds blockDevSizeBytes function
• lxd/storage/drivers/driver/ceph/volumes: Updates SetVolumeQuota to use blockDevSizeBytes
• shared/instancewriter/instance/file/info: Adds FileInfo for os.FileInfo implementation
• shared/instancewriter/instance/tar/writer: Adds WriteFileFromReader function
• lxd/backup: Switches index.yaml file generation to use WriteFileFromReader in backupCreate
• lxd/api/internal: d.cluster.InstanceID usage
• lxd/storage/backend/lxd: Better error msg context in CreateInstanceFromBackup
• lxd/backup: Removes volume type restriction in backupCreate
• lxd/storage/drivers/generic/vfs: Adds VM support to genericVFSBackupVolume
• lxd/storage/drivers: Uses sourcePath logging for consistency in BackupVolume
• lxd/storage/drivers/driver/zfs/volumes: Adds optimised VM backup to BackupVolume
• lxd/storage/drivers/driver/btrfs/volumes: Adds optimised VM backup to BackupVolume
• lxd/storage/backend/lxd: Adds volume type logic for VMs to CreateInstanceFromBackup
• lxd/api/internal: makes internalImport VM aware
• lxd/storage/drivers/generic/vfs: Adds VM support to genericVFSBackupUnpack
• lxd/storage/drivers/driver/zfs/volumes: MountVolume comment improvements
• lxd/storage/drivers/driver/zfs/volumes: UnmountVolume improvements
• lxd/storage/drivers/driver/zfs/volumes: Adds VM support to generic mode in MigrateVolume
• lxd/storage/drivers/driver/zfs/volumes: Adds VM support to MountVolumeSnapshot
• lxd/storage/drivers/driver/zfs/volumes: Adds VM support to UnmountVolumeSnapshot
• lxd/storage/drivers/driver/zfs/volumes: Adds support for VM optimized backup restore
• lxd/storage/drivers: Adds existing volume check to optimized backup restore
• lxd/storage/drivers/driver/btrfs/volumes: Adds support for VM optimized backup restore
• lxd/storage/backend/lxd: Updates CheckInstanceBackupFileSnapshots to be VM aware
• lxd/storage/backend/lxd/patches: Ignores snapshots when retrieving list of custom volumes to be renamed
• lxd/containers: Emit lifecycle event on user shutdown
• lxd/storage/drivers: Adds OptimizedBackups driver Info flag
• lxd/backup: Ignore requests for optimized backups when pool driver doesn't support it
• lxd/instances/post: Ensure optimized backup imports only import into same storage driver pools
• lxd/instance/exec: Adds protection against clients reconnecting after exec has started
• doc: Fix escaping
• lxd/cluster: Tweak errors
• api: clustering_edit_roles
• shared/api: Add ClusterMemberPut
• lxd/cluster: Make ClusterMember editable
• client: Add UpdateClusterMember
• lxc/cluster: Add edit sub-command
• i18n: Update translation templates
• lxd/firewall/drivers/drivers/consts: Adds FilterIPv6All constant
• cgroup/init: close controllers file
• doc/networks: Add missing maas.subnet.ipv4/maas.subnet.ipv6
• scripts/bash: Add maas.subnet.ipv4/maas.subnet/ipv6 to network
• client: Fix bad description for UpdateClusterMember
• lxd/device/nic/bridged: Allow security.ipv6_filtering to be used on networks without IPv6
• lxd/firewall/drivers/drivers/xtables: Adds FilterIPv6All support
• lxd/firewall: Dont use compact function arg definitions
• lxd/firewall/drivers/drivers/nftables: Adds FilterIPv6All support
• lxd/network/network/utils: Adds support for bridged NIC network property when rebuilding dnsmasq static config
• lxd/network/network/utils: Comment consistency
• lxd/device/nic/bridged: Allow security.ipv4_filtering to be used on networks without IPv4
• lxd/firewall/drivers/drivers/consts: Adds FilterIPv4All constant
• lxd/firewall/drivers/drivers/xtables: Adds Adds FilterIPv4All support
• lxd/firewall/drivers/drivers/nftables: Adds FilterIPv4All support
• test: Adds bridged NIC tests for total protocol filtering
• lxd/device/nic: Adds ipv4.host_address and ipv6.host_address keys
• lxd/device/nic/routed: Adds ability to specify host-side veth interface IP address
• api: Adds container_nic_routed_host_address API extension
• doc/instances: Updates routed nic doc with ipv4.host_address and ipv6.host_address keys
• scripts/bash/lxd-client: Updates bash device keys for routed NIC
• lxd/device/nic/ipvlan: Adds ipv4.gateway and ipv6.gateway support
• api: Adds container_nic_ipvlan_gateway API extension
• doc/instances: Adds ipvlan ipv4.gateway and ipv6.gateway docs
• lxd/device/nic/routed: Sets accept_ra=0 on host interface
• lxc: Fix for current cobra
• lxd/device/nic_routed: Don't fail on missing IPv6
• lxd/device/nic_routed: Set rp_filter=1
• forkexec: rework
• forkexec: tweak
• lxd/firewall/firewall/interface: Adds InstanceSetupRPFilter and InstanceClearRPFilter
• lxd/firewall/drivers/drivers/xtables: Improves proxy NAT rule removal errors
• lxd/firewall/drivers/drivers/xtables: Renames iptablesConfig to iptablesAdd
• lxd/firewall/drivers/drivers/xtables: Implements reverse path filters
• lxd/device/nic/routed: Applies firewall based reverse path filter for IPv4 and IPv6
• lxd/storage/drivers/ceph: Re-create image snapshot
• lxd/storage/drivers: Update comment on readonly snapshot
• lxd/firewall/drivers/drivers/nftables: Implements reverse path filters
• shared/instancewriter/instance/tar/writer: Adds ignoreGrowth arg to WriteFile
• lxd/storage/drivers/generic/vfs: Sets ignoreGrowth arg true in WriteFile usage
• lxd: Existing WriteFile usage updated to set ignoreGrowth to false
• lxd/device/nic/bridged: Disables IPv6 on bridged host side interface
• lxd/exec: Fix forwarding for VMs
• lxd: Rename forwarding functions
• i18n: Update translations from weblate
• lxd/networks: Fix network leases list for instances using "network" option
• lxd/instance/drivers/driver/qemu: Restart on failure
• shared/idmap: Better root fallback
• lxd/instance/drivers/driver/qemu: Fixes dependencies for lxd-agent
• lxd-agent/main/agent: Better logging
• shared/version/api: Add resources_usb_pci API extension
• doc: Add resources_usb_pci
• shared/api: Add USB and PCI resources
• shared/usbid: Add USB vendor and devices
• lxd/resources: Add USB resource
• lxd/resources: Add PCI resource
• test/suites/static_analysis: Skip shared/usbid/load_data.go

試用環境 ¶

この新しい LXD リリースは私たちの デモサービス で利用できます。

ダウンロード ¶

このリリースの tarball は ダウンロードページ から取得できます。

ビルド済みバイナリーは次のように使えます:

• Linux: snap install lxd
• MacOS: brew install lxc
• Windows: choco install lxc

LXD 3.23 リリースのお知らせ¶

20th of March 2020

はじめに ¶

LXD チームは、LXD 3.23 のリリースをお知らせすることにとてもワクワクしています!

このリリースは最後の 3.x シリーズのリリースです。来週リリース予定の LXD 4.0 に少しの変更（いくつかの後方互換性のない CLI の調整）を加えています。

このリリースは、カスタムストレージボリューム、プロジェクト、仮想マシンを使うユーザーに特に機能が詰まったリリースです。

Enjoy!

ハイライト ¶

プロジェクトのカスタムストレージボリューム ¶

features.storage-volumes という新しいプロジェクトの機能が、すべての新しいプロジェクトで使えるようになりました。プロジェクトにカスタムボリュームを関連付けることができます。

この機能により、コンフリクトのリスクなしで専用のカスタムストレージボリュームのセットが作成できます。Canonical RBAC と組み合わせて、異なるプロジェクト間でストレージを適切に分離できるようになりました。

stgraber@castiana:~$ lxc storage volume list default | grep custom
+--------+----------+-------------+---------+
|  TYPE  |   NAME   | DESCRIPTION | USED BY |
+--------+----------+-------------+---------+
| custom | backups  |             | 1       |
+--------+----------+-------------+---------+
| custom | blah     |             | 0       |
+--------+----------+-------------+---------+
| custom | images   |             | 1       |
+--------+----------+-------------+---------+

stgraber@castiana:~$ lxc project create blah
Project blah created
stgraber@castiana:~$ lxc project switch blah

stgraber@castiana:~$ lxc storage volume create default foo
Storage volume foo created
stgraber@castiana:~$ lxc storage volume list default | grep custom
+--------+------+-------------+---------+
|  TYPE  | NAME | DESCRIPTION | USED BY |
+--------+------+-------------+---------+
| custom | foo  |             | 0       |
+--------+------+-------------+---------+
stgraber@castiana:~$

カスタムストレージボリュームのスナップショットのスケジューリング ¶

インスタンスと同じように、snapshots.schedule と snapshots.pattern 設定がカスタムボリュームでも使えるようになりました。

これらは lxc storage volume set POOL VOL KEY VALUE を使って直接設定できます。

カスタムストレージボリュームの有効期限 ¶

カスタムストレージボリュームで自動スナップショットが使えるようになったので、同時に有効期限の設定を行うのが良いでしょう。インスタンスで使えるものと合わせて、snapshots.expiry を使って設定できます。

既存のスナップショットの有効期限の編集は lxc storage volume edit POOL VOL/SNAP コマンドを使って行えます。

プロジェクトに対する制限値 ¶

プロジェクトごとに制限値をいくつか加えることができるようになりました。 現時点で使える制限値は次のものです:

• limits.containers 作成できるコンテナの総数
• limits.virtual-machines 作成できる仮想マシンの総数
• limits.cpu 使用できる仮想 CPU の数
• limits.memory 与えられるメモリーの総量
• limits.processes 起動できるプロセスの総数

最後の 3 つの設定は、プロジェクト内の全インスタンスで一致する設定を持つ必要があります。制限は実際の使用量ではなく、インスタンスに設定する制限値のトータルに対して適用されます。

プロジェクトに対する制約 ¶

（制限値に）加えて、いくつかの機能に対する制約もプロジェクトに適用できるようになりました。

オプションの全リストは https://linuxcontainers.org/lxd/docs/master/projects でご覧いただけます。

この機能は、restricted=true を使って制約をプロジェクトに適用すると、信頼できないユーザーに対して安全となるようにデフォルト設定されるようにデザインされています。その後制約を、潜在的により危険だったり、より制限の少ない設定やデバイスを許可するように緩めることができます。

Canonical RBAC とこの機能を組み合わせて、あまり信用できないユーザーに対してホスト上の完全な特権を与える必要なしに、共有 LXD サーバーやクラスターを実行できます。

バックアップ・エクスポートロジックの改良 ¶

lxc export が使うバックアップ・エクスポートロジックが更新されました。エクスポート中のディスクスペース量が減少しました。コンテナファイルは、ディスク上に作成される中間コピーファイルなしに直接圧縮した tarball に書き込まれます。

これによりエクスポートで使うディスクの使用量を大幅に減らすだけでなく、処理のスピードも向上しました。

VM: マイグレーションのサポート ¶

仮想マシンをローカルストレージプール間やリモートの LXD サーバー間でコピーできるようになりました。

この機能は "cold" マイグレーションのみであることに注意してください。仮想マシンは移動の間は停止していなければなりません。ライブマイグレーションは今後実装が予定されています。

VM: publish のサポート ¶

仮想マシンが lxc publish できるようになりました。より多くの仮想マシンを起動したり、他のサーバーに転送するのに使えるイメージが作成できます。

この機能はコンテナと完全に同じように動作しますが、仮想マシンのディスクはコンテナよりかなり大きいという事実を強調しておく必要があります。publish プロセス中にイメージを qcow2 に再度パックする必要がありますので、大きな仮想マシンを扱うためには、システム上にかなりの量のディスクの空き容量が必要になります。

完全な ChangeLog（翻訳なし）¶

Here is a complete list of all changes in this release:

• lxd/storage/zfs: Fix usage calculation
• Add go 1.14.x check
• lxd: Cleanup error messages
• lxd: Rename container files to instance
• tests: Update for rename
• production-setup: add net.core.bpf_jit_limit and kernel.keys.maxbytes
• doc/instances: Adds missing host_name key on routed nic device
• doc/instances: Documents ipv4.gateway and ipv6.gateway routed NIC keys
• lxd/device/device/utils/network: Adds NetworkValidGateway helper
• lxd/device/nic: Adds ipv4.gateway and ipv6.gateway validation
• lxd/device/nic/routed: Adds support for not adding automatic default gateway
• api: Adds extension container_nic_routed_gateway
• lxd/util/fs: Fixes go vet conversion from int64 to string yields a string of one rune error
• lxd/device/disk: Only unmounts non-root volumes attached
• lxd/daemon: Adds comment to AllowAuthenticated
• lxc/storage/volumes: Adds API permission check for permission "manage-storage-volumes"
• lxd/project/project: Comment tweak to Instance()
• lxd/project/project: Adds StorageVolume()
• lxd/project/project/test: Adds StorageVolume() test
• lxd/project/project: Adds StorageVolumeParts function
• lxd/project/project: Adds StorageVolumeProject function
• lxc/project: Adds STORAGE VOLUMES col to projects list
• doc/projects: Documents features.storage.volumes flag
• lxd/api/project: Adds features.storage.volumes to API
• lxd/db/migration: Adds features.storage.volumes true to default project on importPreClusteringData
• lxd/db/cluster/open: Adds features.storage.volumes true to default project in EnsureSchema
• scripts/bash/lxd-client: Adds features.storage.volumes to bash autocomplete
• lxd/daemon/storage: Error message quoting
• lxd/daemon/storage: Updates storage custom volume functions to pass project.Default
• lxd/daemon/storage: Adds support for custom volume projects
• lxd/device/disk: Updates custom volume disks to support projects
• lxd/patches: Updates patchStorageApiPermissions to use project.Default for custom volumes
• lxd/storage/backend/mock: Updates custom volume signatures to support projectName
• lxd/storage/pool/interface: Updates custom volume functions to support projectName
• lxd/storage/volumes: Error message quoting and comment tweaks
• lxd/storage/volumes: Improve volume type checks
• lxd/storage/volumes: Add custom volume project support
• lxd/storage/volumes: Migration project aware
• lxd/storage/volumes/snapshots: Improve volume type validation
• lxd/storage/volumes/snapshot: Error message quoting
• lxd/storage/volumes/snapshot: Adds project support for custom volumes
• lxd/storage/backend/lxd: Updates custom volume functions to support projects
• lxd/db/storage/pools: Removes incorrect assumption about custom vol projects in storagePoolVolumeGetType
• lxd/db/storage/pools: Comment and error msg tweaks
• lxd/db/storage/pools: Removes incorrect filter for project default when vol type is StoragePoolVolumeTypeCustom
• lxd/db/storage/pools: Updates StoragePoolVolumeSnapshotsGetType to filter by project
• lxd/db/storage: Removes StoragePoolNodeVolumeGetType
• lxd/db/storage: Fixes StoragePoolVolumeSnapshotsGetType to be project aware
• lxd/patches: Switches to using storageDrivers.GetVolumeMountPath
• lxd/storage/storage: Removes unused GetStoragePoolVolumeMountPoint
• lxd/api: Updates projectParam to use project.Default
• lxd: project.Default usage
• lxd/images: Comment weaks
• lxd/images: golint fixes
• lxd/project/limits: Default const usage
• lxd/storage/load: Adds support for custom vol projects to volIDFuncMake
• lxd/storage/load: Error msg quoting tweaks
• lxd/storage/volumes/utils: Error msg tweaks
• lxd/storage/volumes/utils: Removes unused supportedVolumeTypesExceptImages
• lxd/storage/volumes/utils: Updates storagePoolVolumeUpdateUsers to be project aware
• lxd/storage/volumes/utils: Removes storagePoolVolumeUsedByRunningInstancesWithProfilesGet and old link var
• lxd/container: Removes unused function instanceLoadAll
• lxd/storage/backend/lxd: Updates use of database functions to use projectName
• lxd/storage/utils: Adds VolumeUsedByRunningInstancesWithProfilesGet and removes old link var
• lxd/storage/utils: Makes VolumeSnapshotsGet project aware
• lxd/storage/utils: Makes VolumeUsedByInstancesGet project aware
• lxd/migrate/storage/volumes: Makes custom volume project aware
• lxd/storage/backend/lxd: b.state.Cluster.StoragePoolNodeVolumeGetTypeByProject usage
• lxd/storage/backend/lxd: Updates migration functions to be project aware
• lxd/storage/backend/mock: Updates migration functions to be storage aware
• lxd/storage/pool/interface: Updates migration functions to be project aware
• test: Updates tests for custom storage volume projects
• lxd/db/storage/pools: Makes StoragePoolNodeVolumesGetType project aware
• lxd/db/storage/pools: Removes StoragePoolNodeVolumeGetTypeID function
• lxd/patches: StoragePoolNodeVolumeGetTypeIDByProject usage
• lxd/patches: Improves error messages context
• lxd/storage/backend/lxd/patches: Adds custom volume rename patch to add project prefix
• lxd/storage/drivers/utils: Captures error context from e2fsck
• lxd/storage/drivers/utils: Dont use TryCommand when resizing
• i18n: Update translation templates
• lxd: Replaces == "true" with shared.IsTrue() for projects and profiles
• lxc: Replaces == "true" with shared.IsTrue() for project features
• lxd/firewall: Don't create zombies
• lxd/patches: Adds concept of stage to patch system
• lxd/daemon: Applies pre daemon storage patches
• lxd/storage/backend/lxd/patches: Skip already renamed volumes
• lxd/db/images: Removes unnecessary whitespace
• lxd/db/images: Updates ImagesGetExpired to return ExpireImage struct with projectName
• lxd/images: Updates pruneExpiredImages to support removing expired images from non-default projects
• driver_qemu: delete vm id from vmConsole
• ExecReaderToChannel: Prevent endless loops
• lxd/daemon/storage: Removes daemonStorageUsed function
• lxd/storage/utils: Adds VolumeUsedByDaemon function
• lxd: storagePools.VolumeUsedByDaemon usage
• lxd/storage/backend/lxd/patches: Adds daemon storage symlink update to lxdPatchStorageRenameCustomVolumeAddProject
• lxd/firewall/nft: Flush chain on delete
• lxd/firewall/nft: Handle json errors
• lxd/firewall/nft: Refuse to run on old kernels
• lxd/project: Rename limits.go to permissions.go
• shared/util/linux: Updates ExecReaderToChannel to accept a finisher chan as struct{}
• lxd-agent/exec: Updates usage of ExecReaderToChannel channel definitions
• shared/network: Removes logging internal state of websocket in WebsocketRecvStream
• shared/netutils/network/linux: Updates WebsocketExecMirror to use struct{} exited indicator channel
• lxd/instance/exec: Fixes VM read loop when agent not started
• lxd/project: Rename CheckLimitsUponInstanceCreation to AllowInstanceCreation
• lxd/project: Rename CheckLimitsUponInstanceUpdate to AllowInstanceUpdate
• lxd/project: Rename CheckLimitsUponProfileUpdate to AllowProfileUpdate
• lxd/project: Rename ValidateLimitsUponProjectUpdate to AllowProjectUpdate
• lxd/project: Rename checkAggregateInstanceLimits to checkRestrictionsAndAggregateLimits
• lxd/project: Extract checkAggregateLimits from checkRestrictionsAndAggregateLimits
• lxd/project: Honor the "restricted.containers.nesting" config
• lxd/project: Prevent using low-level container options
• lxd/project: Check if restrictions are consistent when updating a project config
• lxd/project: Honor the "restricted.containers.lowlevel" config
• lxd/project: Honor the "restricted.containers.privilege" config
• lxd/project: Also expand instance devices
• lxd/project: Add machinery to perform checks on instance devices
• lxc/project: Honor the "restricted.devices.unix-char" config
• lxd/project: Perform restrictions checks also on profiles config and devices
• lxc/project: Honor the "restricted.devices.unix-block" config
• lxc/project: Honor the "restricted.devices.unix-hotplug" config
• lxc/project: Honor the "restricted.devices.infiniband" config
• lxc/project: Honor the "restricted.devices.nic" config
• lxd/project: Honor the "restricted.devices.disk" config
• lxc/project: Honor the "restricted.devices.gpu" config
• lxc/project: Honor the "restricted.devices.usb" config
• lxc/project: Honor the "restricted.virtual-machines.lowlevel" config
• lxd/project: Pass current configuration to AllowInstanceUpdate
• lxd/project: Check restrictions for volatile config keys
• lxd/project: Adjust import order
• lxd/project: Drive-by lint fixes
• api: Add new restrict.* config keys to projects
• shared/version: Add "projects_restrictions" API extension
• doc/projects.md: Document project restrictions
• test: Add projects restrictions tests
• scripts: Update bash completion profile with new project config keys
• lxd/images: Allow virtual-machine and instance as source
• lxd/images: Set right image type on publish
• lxd/vm: Implement Export
• lxd/instance: Fix expiry check
• lxd/storage: Unpack unified VM images
• lxd/migration: Rebuilds migrate.pb.go
• lxd/migration: Adds BLOCK_AND_RSYNC migration transport type
• lxd/instances/post: Adds VM support to createFromMigration
• lxd/migrate/instance: Adds VM support to migrationSourceWs.Do
• lxd/rsync: Adds support for passing arguments to rsync send command
• lxd/storage/drivers/utils: Error quoting
• lxd/storage/drivers/driver/common: Updates MigrationTypes to support block volumes for VMs
• lxd/storage/drivers/driver/dir/volumes: Updates migration to support VMs
• lxd/storage/drivers/driver/dir/utils: Skips initial quota for VM block migration
• lxd/storage/drivers: Switches to ErrNotSupported for non-block volume paths
• lxd/storage/drivers/generic/vfs: Adds VM migration support to genericVFSMigrateVolume
• lxd/storage/drivers/generic: Adds VM migration support to genericCreateVolumeFromMigration
• lxd/storage/drivers: Removes dupe checks using genericVFSMigrateVolume
• lxd/storage/drivers/generic: Adds volume type specific migration transport type checks
• lxd/storage/drivers/driver/lvm/volumes: Removes dupe check done in genericCreateVolumeFromMigration
• lxd/migrate/storage/volumes: whitespace
• lxd/storage/drivers/driver/btrfs: Adds block migration negotiation
• lxd/storage/drivers/driver/btrfs/volumes: Adds VM migration support
• lxd/storage/backend/lxd: Improve delete error messages
• lxd/storage/utils: Adds FallbackMigrationType function
• lxd: Replaces hardcoded instances of migration.MigrationFSType_RSYNC
• lxd/storage/drivers/driver/zfs: Adds block migration negotiation
• lxd/storage/drivers/driver/zfs/volumes: Adds VM migration support
• lxd/storage/drivers/driver/ceph: Adds block migration negotiation support
• lxd/storage/drivers/driver/ceph/volumes: Adds VM migration support
• lxd/migrate/instance: Prevent live migrations for VMs
• lxd: Add "instance" string where necessary
• lxd/instances/snapshot: Fix expiration in profiles
• lxd/images: Fix source type handling
• lxc/export: Make API call more correct
• lxd/storage/drivers/driver/btrfs/volumes: Dont activate quotas if not used
• lxd/storage/drivers/driver/ceph/volumes: Adds VM block resize support
• doc/security: Adds network security section
• lxd: Unexport NewMigrationSource
• lxd/storage: Fix crash on VM unpack
• lxd: Unexport NewDaemon
• lxd: Unexport RestServer
• lxd: Unexport DefaultDaemonConfig and DefaultDaemon
• lxd: Unexports AllowAuthenticated and AllowProjectPermission
• lxd: Unexports DevLxdServer
• lxd: Unexports daemon feature functions
• lxd: Unexports migration setup functions
• lxd: Unexports forwarded response helpers
• client: Removes nullReadWriteCloser
• client: Removes unused proxyInstanceMigration function
• lxc-to-lxd: Removes unused vars
• lxc-to-lxd: Removes unused connectTarget
• lxc-to-lxd: Removes unused setupSource
• lxd/cluster: Removes unused flagForce
• lxc: Removes unused profile
• lxc/console: Removes unused getStdout
• lxd-agent: Removes unused rootUID and rootGID
• lxc: Removes unused func showByDefault
• lxd/cgroup: Removes unused cgCgroup2SuperMagic
• lxd-agent: Unexports NewDaemon
• memory_utils: align lxc + lxd
• tree-wide: consistently initialize raw fds to -EBADF instead of -1 in cgo
• lxd/storage/ceph: Fix ext4 shrinking
• lxc/remote: Use helpers
• lxc/remote: Validate remote name
• i18n: Update translation templates
• doc: Update requirements
• lxd/init: Don't offer dir as a remote backend
• lxc/config: Fix behaviour of instance snapshot expiry
• db/cluster: Bump the value of sqlite_sequence for storage_volumes
• po: Update translations
• shared/version/api: Add custom_volume_snapshot_expiry extension
• doc: Add custom_volume_snapshot_expiry
• lxd/db: Add expiry_date to storage_volumes_snapshots
• shared/api: Add expiry fields to StorageVolumeSnapshot*
• lxd/storage: Add expiry to volume snapshot pool functions
• lxd: Add snapshots.expiry config key for storage volumes
• lxd/db: Add custom volume snapshot functions
• lxd: Handle volume snapshot expiry
• lxd/storage: Add expiry date to VolumeDBCreate
• lxd/storage: Update expiry date when updating volume snapshots
• lxd/db: Add ProjectName to StorageVolumeArgs
• lxd/db: Add new OperationCustomVolumeSnapshotsExpire
• lxd/db: Add StorageVolumeSnapshotsGetExpired
• lxd: Remove expired custom volume snapshots
• *: Remove snapshot code from StoragePoolVolumeCreate
• lxc: Add --no-expiry for volume snapshots
• test: Add volume snapshot expiry test
• doc: Add keys to volume config
• po: Update translations
• lxd/storage/drivers/driver/lvm/volumes: Fixes LVM VM snapshot list
• lxd/cluster: Ignore CEPH custom volumes on removal
• shared/version: Add volume_snapshot_scheduling API extension
• lxd/storage: Add snapshots.* config keys
• lxd/db: Extend StorageVolumeArgs
• lxd: Support patterns in StorageVolumeNextSnapshot
• lxd/db: Add StoragePoolVolumesGetAllByType
• lxd: Add volume snapshot scheduling
• doc: Add volume snapshot scheduling
• lxd: Clean up logging for expired volume snapshots
• doc/networks: describe how to notify systemd-resolved of lxd nameserver
• lxd/storage/utils: Add missing comments
• lxd/storage/utils: Add forceRemoveAll
• lxd/storage/dir: Use forceRemoveAll
• lxd/api/cluster/test: Removes unused DISABLED_TestCluster_Failover
• lxd/api/cluster/test: Removes unused FLAKY_TestCluster_LeaveAndPromote
• lxd/cluster/gateway: Removes unused cachedRaftNodes
• lxd/cluster/heartbeat/test: Removes unused DISABLE_TestHeartbeat_MarkAsDown
• lxd/cluster/membership/test: Removes unused FLAKY_TestPromote
• lxd/db/containers: Removes unused snapshotIDsAndNames
• lxd/db/db/internal/test: Removes unused dir var
• lxd/db/testing: Removes unused var
• lxd/device/device/utils/unix: Removes unused unixDeviceInstanceAttributes
• lxd/device/nic/bridged: Removes unused dhcpAllocation
• lxd/firewall: Removes unused constants
• lxd/instance/drivers/driver/lxc: Removes unused cgroup2 var
• lxd/main/forkproxy: Removes unused udpConn var
• lxd/storage/drivers/driver/common: Removes unused load
• shared/generate/file/buffer: Removes unused varDeclSliceToString
• shared/generate/db/parse: Removes unused simpleTypeNames
• shared/generated/file/path: Removes unused absPath
• lxd/db/node: Tweaks LEFT JOIN to just JOIN in NodeIsEmpty()
• lxd/sys: Don't fail chmod on unresolvable symlinks
• shared/containerwriter: Renames to instancewriter
• lxd/instance/drivers: instancetarwriter usage
• shared/instancewriter/instance/tar/writer: Modifies WriteFile to accept a file name arg
• shared/instancewriter/instance/tar/writer: Adds ResetHardLinkMap function
• lxd/instance/drivers: instancetarwriter.WriteFile name arg usage
• lxd/db/containers: Renames ContainerBackupCreate and ContainerBackupRemove
• i18n: Update translations from weblate
• lxd/backup: Removes backupCreateTarball function
• lxd/backup: Updates instance backup to use tar writer rather than tar cmd
• lxd/backup: InstanceBackupRemove usage
• lxd/storage/drivers/utils: Minor tweak to copyDevice error message
• lxd/stroage/drivers/generic: Tweak error message of genericCreateVolumeFromMigration
• lxd/storage/drivers/generic/vfs: Switches genericVFSBackupVolume to tar writer
• lxd/images: Fixes unhandled error
• lxd/storage/backend/lxd: Adds tarWriter to BackupInstance function
• lxd/storage/backend/mock: Adds tarWriter to BackupInstance function
• lxd/storage/drivers/driver/ceph/volumes: Adds tarWriter arg to BackupVolume
• lxd/storage/drivers/driver/cephfs/volumes: Adds tarWriter arg to BackupVolume
• lxd/storage/drivers/driver/dir/volumes: Adds tarWriter arg to BackupVolume
• lxd/storage/drivers/driver/lvm/volumes: Adds tarWriter arg to BackupVolume
• lxd/storage/drivers/drivers/mock: Adds tarWriter arg to BackupVolume
• lxd/storage/drivers/interface: Adds tarWriter arg to BackupVolume
• lxd/storage/pool/interace: Adds tarWriter arg to BackupInstance
• lxd/storage/drivers/driver/btrfs/volumes: Adds tarWriter arg to BackupVolume
• lxd/storage/drivers/driver/zfs/volumes: Adds tarWriter arg to BackupVolume
• lxd/internal: Log some memory stats
• shared: Drop Pipe function
• lxd/containers: Add configfs and tracefs
• btrfs quota to simulate total disk size

試用環境 ¶

この新しい LXD リリースは私たちの デモサービス で利用できます。

ダウンロード ¶

このリリースの tarball は ダウンロードページ から取得できます。

ビルド済みバイナリーは次のように使えます:

• Linux: snap install lxd
• MacOS: brew install lxc
• Windows: choco install lxc

LXD 3.22 リリースのお知らせ¶

6th of March 2020

はじめに ¶

LXD チームは、LXD 3.22 のリリースをお知らせすることにとてもワクワクしています!

このリリースでは、コンテナと仮想マシン両方にかなりの数の改良が加えられています。nftables サポートを追加し、xtables から切り替えられた一部の新しい Linux ディストリビューションに対する互換性が大きく向上しています。

このリリースとは別に、かなりの新しい VM イメージをイメージサーバーに追加しました。Ubuntu、Debian、Fedora、CentOS、OpenSUSE、ArchLinux の VM イメージを見つけられるでしょう。

Enjoy!

ハイライト ¶

プロジェクトに対するリソース制限 ¶

プロジェクトのリソース量を制限するのに使える新しい設定項目を追加しました:

• limits.containers
• limits.virtual-machines
• limits.cpu
• limits.memory
• limits.processes

CPU、メモリ、プロセスの制限を使う際に適用される制限がいくつかあります。詳しくは公式ドキュメントをご覧ください: プロジェクトの制限

ファイアウォールの nftables バックエンド ¶

最近の LXD リリースで、ファイアウォールのリクエストに対する内部抽象化レイヤーが導入されました。 これは、LXD ネットワークのファイアウォール、NAT、コンテナに対するプロキシーデバイス、IP や MAC フィルタリングなど、あらゆるものに対応しています。

このリリースの LXD で、新しいバックエンドとして、nft が既存の xtables 実装に加わりました。 起動時に LXD はシステムでどちらが現在使用されているかを検出し、以降はそれを使い続けます。

既存のバックエンドは lxc info で次のように参照できます:

stgraber@castiana:~$ lxc info | grep firewall:
  firewall: nftables

コンテナ: 非特権コンテナの Hugepages ¶

非特権コンテナで hugepages にアクセスできるようになりました。

• hugetlbfs ファイルシステムのマウントインターセプション
• hugepages に対して新たに制限を適用可能

x86_64 の設定例は次のようになります:

• security.syscalls.intercept.mount=true
• security.syscalls.intercept.mount.allowed=hugetlbfs
• limits.hugepages.1MB=1GB

hugepages の割り当ては、コンテナがすでに使っている通常のメモリに追加されることに注意してください。また、他の制限と同様に、制限を設定しないと無制限に hugepages を使えることに注意してください。

root@edfu:~# lxc init ubuntu:18.04 c1
Creating c1
root@edfu:~# lxc config set c1 security.syscalls.intercept.mount true
root@edfu:~# lxc config set c1 security.syscalls.intercept.mount.allowed hugetlbfs
root@edfu:~# lxc config set c1 limits.hugepages.2MB 1GB
root@edfu:~# lxc start c1

root@edfu:~# lxc exec c1 bash
root@c1:~# mkdir /dev/hugepages ; mount -t hugetlbfs hugetlbfs /dev/hugepages
root@c1:~# ls -lh /dev/hugepages/
total 0

VM: 9p ディスクデバイスのサポート ¶

LXD の仮想マシンに長く待望されていた機能のひとつが、ホストから仮想マシンに任意のパスを渡す機能でした。

LXD 3.22 で LXD 自身とエージェントのロジックを組み合わせることでこれを可能にしました。

これがプロファイルを通してコンテナと仮想マシンの両方で使えるようになりました。

root@edfu:~# lxc profile create shared-data
Profile shared-data created
root@edfu:~# lxc profile device add shared-data home disk source=/home path=/mnt/home
Device home added to shared-data
root@edfu:~# lxc profile device add shared-data srv disk source=/srv path=/mnt/srv
Device srv added to shared-data

root@edfu:~# lxc launch images:fedora/31 f31-ctn -p default -p shared-data
Creating f31-ctn
Starting f31-ctn
root@edfu:~# lxc launch images:fedora/31 f31-vm -p default -p shared-data --vm
Creating f31-vm
Starting f31-vm

root@edfu:~# lxc exec f31-ctn -- df -ah | grep /mnt
/dev/sdb1                   220G   12G  197G   6% /mnt/home
/dev/sdb1                   220G   12G  197G   6% /mnt/srv
root@edfu:~# lxc exec f31-vm -- df -ah | grep /mnt
lxd_home        220G   12G  197G   6% /mnt/home
lxd_srv         220G   12G  197G   6% /mnt/srv

VM: ファイルテンプレートのサポート ¶

イメージ内のテンプレートファイルが仮想マシンにも使えるようになりました。 テンプレートは、設定内で使用可能なメタデータを使ってホスト上の LXD が設定を読み込み、読み込まれたファイルは仮想マシンにインストールするためにエージェントに渡されます。

カスタムイメージへのテンプレートの追加がコンテナと同様に動作するようになり、LXD のイメージサーバー images: （https://images.linuxcontainers.org/）でも使われています。

完全な ChangeLog（翻訳なし） ¶

Here is a complete list of all changes in this release:

• lxc-to-lxd: golint fix
• lxd/cluster: golint fixes
• lxd/migration: golint fixes
• shared/containerwriter: golint fixes
• shared/generate: golint fixes
• shared/netutils: golint fixes
• tests: Update golint list
• shared: Fix HostPathFollow for stdin/stdout
• Allow build with GNU Make 4.3
• add mips architectures
• doc: tweak markdown format
• lxd/vm: Use -sandbox
• lxd/firewall/firewall/interface: Adds String() and Compat()
• lxd/network/network: Handle errors during firewall setup
• lxd/firewall/drivers/drivers/xtables: Changes XTables to Xtables for consistency
• lxd/firewall/drivers/drivers/xtables: Better validation in InstanceSetupProxyNAT
• lxd/firewall/drivers/drivers/xtables: Adds String() and Compat()
• lxd/firewall/firewall/load: Detect which firewall driver to use
• lxd/daemon: Log which firewall driver as selected
• api: API extension firewall_driver
• lxd/firewall/drivers/drivers/nftables: Adds nftables driver
• test: Updates container devices nic bridged filtering tests for nftables
• test: Updates proxy tests for nftables
• add riscv architecture definitions
• rv->riscv
• correct mips names (le->el), no aliases required
• lxd/storage/backend/lxd: Adds logging for CreateInstanceFromBackup post hook
• lxd/storage/backend/lxd: Refuse to create storage pool if dir exists on disk
• as the kernel only reports mips/mips64, specify 32 and 64bit arch and el as aliases
• lxd/main/import: Adds --project flag support to lxd import
• lxd/api/internal: Updates error messages in internalImport
• shared/util: Fix relative paths in HostPathFollow
• lxd/api/internal: Removes duplicate storage package import
• lxd/storage: Adds InstanceImportingFilePath function
• lxd/api/internal: storagePools.InstanceImportingFilePath usage
• lxd/container/lxc: storagePools.InstanceImportingFilePath usage
• lxd/api: projectParam comments
• lxd/api/internal: Uses StoragePoolNodeVolumeGetTypeByProject for project support
• lxd/storage/drivers/driver/lvm: Adds lvm.vg.force_reuse config option
• lxd/storage/pools/config: Adds lvm.vg.force_reuse option
• doc/api: Adds API extension storage_lvm_vg_force_reuse
• doc/storage: Adds lvm.vg.force_reuse option to storage pool config
• lxd/images: Removes hardcoded default project arg for ImageGet in autoUpdateImage
• lxd/images: Golint and comments
• lxd/instances: Pick correct default type from URL
• lxd/db: Set ceph.user.name if missing
• lxd/vm: Fix disk files and snap
• lxd/db: Fix ceph username in patch
• lxd/db: Revert 3da5aea1 fix, since in turn testify reverted the change
• lxd/db: un-export StorageVolumeNodeGet
• lxd/db: un-export StoragePoolVolumesGetType
• lxd/db: un-export StoragePoolVolumeGetTypeID
• lxd/db: un-export StoragePoolVolumeGetType
• lxd/db: un-export StorageVolumeConfigGet
• lxd/db: un-export StoragePoolVolumeTypeToName
• lxd/db: un-export StorageVolumeDescriptionUpdate
• lxd/db: un-export StorageVolumeConfigAdd
• lxd/db: un-export StorageVolumeConfigClear
• lxd/db/cluster: add new storage volume snapshots table
• lxd/db/cluster: drop snapshot column from storage_volumes table
• lxd/db/cluster: add storage_volumes_all view
• lxd/db/schema: include triggers when generating SQL for fresh schemas
• lxd/db/cluster: add triggers to check that volume IDs don't overlap
• lxd/db: change StoragePoolVolumeSnapshotsGetType to query the snapshots table
• lxd/db: change StorageVolumeNextSnapshot to query the snapshot table
• lxd/db: update StorageVolumeNodeAddresses to use storage_volumes_all
• lxd/db: update storagePoolVolumeGetTypeID to use storage_volumes_all
• lxd/db: update storageVolumeNodeGet to use storage_volumes_all
• lxd/db: update StorageVolumeDescriptionGet to use storage_volumes_all
• lxd/db: update storageVolumeIDsGet to use storage_volumes_all
• lxd/db: update StoragePoolVolumesGetNames to use storage_volumes_all
• lxd/db: update StoragePoolVolumesGet to use storage_volumes_all
• lxd/db: update storagePoolVolumesGetType to use storage_volumes_all
• lxd/db: update InstancePool to use storage_volumes_all
• lxd/db: update instancePoolSnapshot to use storage_volumes_all
• lxd/db: make StoragePoolVolumeDelete differentiate between regular volumes and snapshots
• lxd/db: make storageVolumeConfigGet differentiate between regular volumes and snapshots
• lxd/db: make storageVolumeDescriptionUpdate differentiate between regular volumes and snapshots
• lxd/db: make storageVolumeConfigAdd differentiate between regular volumes and snapshots
• lxd/db: make storageVolumeConfigClear differentiate between regular volumes and snapshots
• lxd/db: make StoragePoolVolumeRename differentiate between regular volumes and snapshots
• lxd/db: consider snapshots in StorageVolumeMoveToLVMThinPoolNameKey
• lxd/db: add ClusterTx.storagePoolVolumeGetTypeID() method
• lxd/db: make StoragePoolVolumeCreate differentiate between regular volumes and snapshots
• lxd/db: no need to update snapshot names in ContainerNodeMove
• lxd/db: copy volume snapshots in StoragePoolNodeJoinCeph
• lxd: no need to rename snapshot volumes when renaming a container
• lxd/db/cluster: migrate existing volume snapshots to the new table
• tests: some runs of "lxd import" don't fail anymore due to improved data integrity
• lxd/logging: Handle projects in log expiry
• doc: Fix escaping
• shared/api: Fix ServerEnvironment ordering
• lxd/vm: Fix snapshots
• lxd/storage/ceph: Fix leftover rbd
• lxd/storage/ceph: Fix zombie handling
• lxd/init: Use new network syntax
• tests: Check UUIDs while running
• Increase timeout of standalone SQL statements
• lxd/storage/ceph: Improve error reporting on map
• lxd/containers: Have findIdmap look at projects
• lxd/storage: Remove legacy dir implementation
• lxd/storage: Remove legacy btrfs implementation
• lxd/storage: Remove legacy zfs implementation
• lxd/storage: Remove legacy lvm implementation
• lxd/storage: Removes unused getPoolMountLockID
• lxd/storage/pools/utils: Comment on storagePoolDBCreate
• lxd/api/internal: Removes legacy storage pool loading
• lxd/api/internal: Consistent comment style
• lxd/api/internal: Stops using backup pkg name as variable
• lxd/api/internal: Switches internalImport to use pool.CheckInstanceBackupFileSnapshots
• lxd/storage/pool/interface: Adds CheckInstanceBackupFileSnapshots
• lxd/storage/errors: Adds ErrBackupSnapshotsMismatch error
• lxd/storage/backend/mock: Adds CheckInstanceBackupFileSnapshots
• lxd/storage/backend/lxd: Adds CheckInstanceBackupFileSnapshots implementation
• lxd/patches/utils: Removes unused functions
• lxd/api/internal: Adds sanity check for instance name in internalImport
• lxd/backup: Have tar not transform symlink targets
• lxd/storage/drivers/driver/lvm/volumes: Updates VolumeSnapshots to use lvs for snapshot list
• lxd/backup: Removes old storage loader
• lxd/container/lxc: Removes old storage loader
• lxd/storage: Removes unused storagePoolVolumeContainerCreateInit
• lxd/container: Removes old storage loader
• lxd/containers/post: Removes old storage loader
• lxd/daemon/storage: Consistent comment ending
• lxd/daemon/storage: Removes old storage loader
• lxd/images: Removes old storage loader
• lxd/migrate/container: Removes old storage loader
• lxd/migrate/storage/volumes: Removes old storage loader
• lxd/resources: Removes old storage loader
• lxd/storage/pools/utils: Removes old storage loader
• lxd/storage/pools: Removes old storage loader
• lxd/storage/volumes/snapshot: Removes old storage loader
• lxd/storage/volumes: Removes old storage loader
• lxd/storage: Removes old storage loader
• lxd/instance/drivers/driver/qemu: Removes storage layer transition workaround
• lxd/container/lxc: Makes Delete pool load logic same as VM type
• lxd: Storage loader comments
• lxd/storage: Removes unused functions
• lxd/storage/drivers/drivers/mock: Adds mock driver
• lxd/storage: Adds mock driver loading
• lxd/storage: Additional error checking
• lxd/storage/zfs: Set volmode=none for VM datasets
• lxd/logging: Updates log rotate to only remove .log files
• lxd/db: Rename ContainerListExpanded to instanceListExpanded
• lxd/db: Make instanceListExpanded account for projects without "features.profiles" enabled
• Removed Erroneous Space
• i18n: Update translation templates
• scripts: Update Project Tab Complete Script
• lxd/storage/drivers/driver/zfs/volumes: Create block volumes with volmode=none
• lxd/storage/drivers/driver/zfs/volumes: Use MountTask with CreateVolume
• lxd/storage/drivers/zfs/volumes: Makes MountVolume and UnmountVolume more thorough in detecting mounts
• lxd/storage/drivers/driver/lvm/volumes: Always ensure mount path after mount in CreateVolume
• lxd/storage/drivers/driver/common: Adds moveGPTAltHeader
• lxd/storage/drivers/driver/lvm/volumes: Adds moveGPTAltHeader usage
• lxd/storage/drivers/driver/zfs/volumes: Adds moveGPTAltHeader usage
• lxd/storage/drivers/driver/dir/volumes: Adds moveGPTAltHeader usage
• lxd/storage/drivers/driver/btrfs/volumes: Adds moveGPTAltHeader usage
• lxd/storage/drivers/driver/ceph/volumes: Adds moveGPTAltHeader usage
• lxd/storage/drivers/utils: Separates block file rounding logic into own function
• lxd/storage/drivers/generic/vfs: Adds genericVFSResizeBlockFile
• lxd/storage/drivers/driver/btrfs/volumes: ensureVolumeBlockFile usage
• lxd/storage/drivers/driver/dir/volumes: Adds block resize support to SetVolumeQuota
• lxd/storage/drivers/driver/btrfs/volumes: Adds block resize support to SetVolumeQuota
• lxd/storage/drivers/driver/zfs/volumes: Call SetVolumeQuota from CreateVolumeFromCopy
• lxd/storage/drivers/driver/zfs/volumes: Apply block size changes in SetVolumeQuota
• lxd/storage/drivers/driver/btrfs/volumes: Calls SetVolumeQuota when creating/updating volumes
• lxd/storage/drivers: SetVolumeQuota falls back to defaultBlockSize
• lxd/patches: Updates patches to use new storage driver mount/unmount
• lxd/patches: Replaces s.StoragePoolCreate with new storage framework
• lxd/storage: Removes storagePoolInit
• scripts: Fix syntax errror
• lxd/main/init: Removes legacy storage drivers from availableStorageDrivers
• lxd/patches: Updates patchStorageApiPermissions to use new storage drivers
• lxd/storage: Removes storageCoreInit function
• lxd/storage: Removes legacy drivers from storagePoolDriversCacheUpdate
• lxd/db: Start-up check ignores pending nodes with out-of-date schema
• lxd/patches: Removes old storage layer from upgradeFromStorageTypeLvm
• lxd/container/lxc: Removes some calls to the old storage layer
• lxd/migrate/container: Removes calls to old storage layer
• lxd/migrate/storage/volumes: Removes calls to old storage layer
• lxd/patches: Switches upgradeFromStorageTypeLvm to use new storage layer
• lxd/storage/migration: Removes unused functions
• lxd/instance: Extract LoadInstanceDatabaseObject from fetchInstanceDatabaseObject
• lxd/project: Add initial CheckLimitsUponInstanceCreation
• lxd/project: Check that the project's "limits.memory" is honored when creating an instance
• lxd/project: Add CheckLimitsUponInstanceUpdate
• lxd/project: Add initial ValidateLimitsUponProjectUpdate
• lxd/project: Validate changes to the project's "limits.memory" value
• lxd/project: Add CheckLimitsUponProfileUpdate
• lxd/project: Check that the project's "limits.processes" config is honored
• lxd/project: Don't allow percentage values for limits.memory
• lxd/project: Skip limit checks if the project has no limits configured
• lxd/project: Check that the project's "limits.cpu" config is honored
• api: Use project.Config as etag field, without specifiying individual keys.
• api: Properly detect which project config keys were specified in a PATCH request
• api: Add helper logic to detect if a project config key has changed
• api: Add new "limits.*" project configuration keys
• api: Plug ValidateLimitsUponProjectUpdate into projectChange
• api: Plug CheckLimitsUponInstanceCreation into containersPost
• api: Plug CheckLimitsUponInstanceUpdate into containerPut and containerPatch
• api: Plug CheckLimitsUponProfileUpdate into profilePut and profilePatch
• test: Add project limits tests
• shared/version: Add "projects_limits" API extension
• doc: Add documentation about projects limits
• lxd/storage/drovers/driver/lvm/utils: Dont format block volumes with filesystem
• lxd/storage/zfs: Skip volmode on 0.6
• lxd/storage: Removes unused files
• lxd/container: Removes containerCreateEmptySnapshot
• lxd/container/lxc: Removes legacy storage functions
• lxd/main/init: Refactors availableStorageDrivers to not use old storage layer
• lxd/main/init/auto: Removes dep on supportedStoragePoolDrivers
• lxd/migrate: Removes old storage type reference
• lxd/migrate/storage/volumes: Removes reference to old storage type
• lxd/storage: Removes legacy storage interface and unused functions
• lxd/storage/drivers/load: Adds AllDriverNames
• lxd/storage/migration: Removes unused functions
• lxd/storage/pools/config: Removes ref to supportedStoragePoolDrivers
• lxd/storage/utils: Remove unused functions
• lxd/storage/volumes/utils: Removes unused function
• lxd/storage: Removes unused files
• lxd/main/test: Removes legacy mock storage references
• lxd/migrate: Removes unused struct
• lxd/storage: Removes unused functions
• lxc/containers: Fix cgns-less fallback
• lxd/storage/drivers/driver/ceph/volume: Don't format block volumes with a filesystem
• lxd/storage/drivers: Don't use named temporary dirs
• lxd/instance/drivers/driver/lxc: Removes temporary lxc placeholder
• lxd/container/lxc: Moves to instance/drivers package
• lxd/container/lxc/exec/cmd: Moves to instance/drivers package
• lxd/api/internal: instance.Container usage
• lxd/container: instance.CriuMigrationArgs, inst.Migrate() and instance.Container usage
• lxd/container/console: instance.Container usage
• lxd/container/exec: instance.Container usage
• lxd/container/lxc/utils: Removes idmapsetFromString
• lxd/container/test: instance.Container usage
• lxd/devices: inst.RegisterDevices usage
• lxd/devlxd: Removes devlxdEventSend
• lxd/devlxd: instance.Container usage
• lxd/instance/drivers/driver/lxc: Renames containerLXC to lxc
• lxd/instance/drivers/driver/lxc: Removes temporary loader placeholders
• lxd/instance/drivers/driver/lxc: Renames lxc to liblxc
• lxd/instance/drivers/driver/lxc: db.StoragePoolVolumeTypeContainer usage
• lxd/instance/drivers/driver/lxc: Adds devLxdSendEvent
• lxd/instance/drivers/driver/lxc: Updates use of instance.CriuMigrationArgs
• lxd/instance/drivers/driver/lxc: Adds RegisterDevices function
• lxd/instance/drivers/driver/lxc: Moves storage util functions and updates usage
• lxd/instance/drivers/driver/lxc: Adds SaveConfigFile function
• lxd/instance/drivers/driver/lxc/cmd: Renames ContainerLXCCmd to lxcCmd
• lxd/instance/drivers/driver/qemu: Adds RegisterDevices as a no-op
• lxd/instance/instance/interface: Adds RegisterDevices
• lxd/instance/drivers/load: LXC loader functions renamed
• lxd/migrate/container: instance.CriuMigrationArgs and instance.Container usage
• lxd/patches: Updates patchContainerConfigRegen to use LXC.SaveConfigFile()
• lxd/patches: BTRFS storage functions usage
• lxd/patches/utils: storageDrivers.BTRFSSubVolumesGet and removes unused functions
• lxd/storage: instance.Container usage
• lxd/storage: storageDrivers util functions usage
• lxd/storage/drivers/utils: Adds util functions moved from main pkg
• lxd/apparmor/apparmor: Removes dependency on c.DaemonState()
• lxd/container/snapshot: Removes dependency on sc.DaemonState()
• lxd/instance/drivers/driver/test/utils: Adds PrepareEqualTest function
• lxd/container/test: instanceDrivers.PrepareEqualTest usage to fix crash
• lxd/instance/drivers/driver/lxc: golint fixes
• lxd/instance/drivers/driver/lxc: Removes DaemonState function
• lxd/instance/drivers/driver/qemu: Removes DaemonState function
• lxd/instance/instance/interface: Removes DaemonState function
• lxd/instance/instance/interface: Adds SaveConfigFile
• lxd/migrate/container: Removes s.instance.DaemonState dependency
• lxd/profiles/utils: Removes use of containerLXC type
• lxd/seccomp/seccomp: Removes c.DaemonState dependency
• lxd/storage/drivers/utils: golint fixes
• lxd/instance/instance/interface: Adds Container interface
• lxd/instance/instance/interface: Adds CriuMigrationArgs type
• lxd/backup/backup: Comment clarifying existence of Instance interface
• lxd/seccomp/seccomp: Comment clarifying existence of Instance interface
• lxd/daemon: Moves shared mount state to use daemon.SharedMountsSetup var
• lxd/instance/drivers/driver/lxc: Updates to use daemon.SharedMountsSetup var
• lxd/instance/instance/interface: Adds Migrate function
• lxd/instance/drivers/qemu: Adds Migrate placeholder function
• lxd: Ensure gopkg.in/lxc/go-lxc.v2 is consistently imported as liblxc
• lxd/instanc/instance/errors: Adds ErrNotImplemented error
• lxd/instance/drivers/driver/qemu: instance.ErrNotImplemented usage
• lxd/instance/drivers/driver/qemu: Adds SaveConfigFile placeholder
• lxd/instance/instance/interface: Adds OnHook function to interface and adds hook constants
• lxd/instance/drivers/driver/lxc: Implements OnHook function
• lxd/instance/drivers/driver/qemu: Implements OnHook placeholder function
• lxd/api/internal: Updates hook usage to OnHook
• shared/idmap/idmapset/linux: Adds JSONUnmarshal function
• lxd/storage: idmap.JSONUnmarshal usage
• lxd/daemon: Import instance/drivers package so init() function runs
• lxd/vm: Generate the template files
• lxd-agent: Put templates in place
• doc: Typo and formatting improvements
• shared/idmap: Adds JSONMarshal function
• lxd/device/disk: Replaces call to StorageVolumeMount with functions on disk device
• lxd/storage: Removes storageVolumeMount and storagePoolVolumeAttachPrepare
• lxd/storage/utils: Adds VolumeUsedByInstancesGet
• lxd/storage/volumes/utils: storagePools.VolumeUsedByInstancesGet usage
• lxd/storage: Removes unused functions
• lxd/device: Removes usage of StorageRootFSApplyQuota, StorageVolumeMount and StorageVolumeUmount
• lxd: Removes old storagePoolVolumeType constants
• lxd: Removes storagePoolVolumeType constants
• lxd/container/lxc/utils: Removes unused file
• lxd/instance: Removes CGroupGet as is unused
• seccomp: handle hugetlbfs mount syscall interception
• lxd/device/disk: Validation error message quoting consistency
• Promote nodes if for whatever reason the n of voters drop below 3
• api: add container_syscall_intercept_hugetlbfs
• cgroup: add support for the hugetlb controller
• containers: add support for hugepage limits
• api: add limits_hugepages api extension
• doc: add limits.hugepages.* keys
• lxd/vm: Set gic-version on arm64
• lxd/device/disk: Adds support for adding directory source for VM 9p sharing
• lxd/device/disk: Adds support for disk 9p directory share
• lxd/instance/instance/type: Adds VMAgentMount type
• lxd/instance/drivers/driver/qemu: Removes unused architecture var
• lxd/instance/drivers/driver/qemu: Adds support for passing through unix socket FD to qemu
• lxd/instance/drivers/driver/qemu: Adds openUnixSocket function
• lxd/instance/drivers/driver/qemu: Adds addFileDescriptor function
• lxd/instance/drivers/driver/qemu: Adds addDriveDirConfig function
• lxd/instance/drivers/driver/qemu/templates: Adds 9p directory disk device template
• lxd-agent/main/agent: Adds support for mounting 9p shares
• lxd/instance/drivers/driver/qemu: Tweaks template whitespace removal to leave newline between sections
• lxd/project/project: Renames Prefix() to Instance()
• lxd: project.Instance() usage
• lxd/project/project/test: Updates for project.Instance rename
• lxd/instance/drivers: Add trans=virtio to 9p mount
• Missing bootstrap error check
• lxd-agent: Load vhost module
• lxd/storage/zfs: Fix default VM size
• lxd/vm: Tweak to mount field names
• lxd-agent: Create mount path if missing
• doc: Tweak markdown format for itemization
• lxd/storage/ceph: Implement GetVolumeUsage
• lxd/device/disk: Adds mountPoolVolume function
• lxd/device/disk: Error message quoting
• lxd/device/disk: Adds pool volume support for VMs
• lxd/device/disk: Switches createDevice to use d.mountPoolVolume for containers
• lxd/device/disk: Renames storagePoolVolumeAttachPrepare to storagePoolVolumeAttachShift
• lxd/device/disk: Ensures custom pool volumes are unmounted on VM device stop
• unix-hotplug: fix device removal and zero padding
• i18n: Update translations from weblate

試用環境 ¶

この新しい LXD リリースは私たちの デモサービス で利用できます。

ダウンロード ¶

このリリースの tarball は ダウンロードページ から取得できます。

ビルド済みバイナリーは次のように使えます:

• Linux: snap install lxd
• MacOS: brew install lxc
• Windows: choco install lxc

LXD 3.21 リリースのお知らせ¶

13th of February 2020

はじめに ¶

LXD チームは、LXD 3.21 のリリースをお知らせすることにとてもワクワクしています!

このリリースは、これまでと同様の 2 週間の短い開発サイクルのリリースで、多数のストレージ、VM、ネットワークのバグフィックスとリファクタリングを含んでいます。

機能的には、ネットワークインターフェースを接続する新たな簡単な方法、新たなクラスタリングデータベースの設定、多数の仮想マシンの改良があります。

Enjoy!

ハイライト¶

LXD が管理するネットワークに対する新たな接続方法 ¶

LXD が直接管理しているブリッジインターフェースを使う場合（lxc network list 参照）、次のように直接そのブリッジにインスタンスを接続できるようになりました:

eth0:
    type: nic
    network: lxdbr0
    name: eth0

もしくは lxc config device add c1 eth0 nic network=lxdbr0 name=eth0 のように実行します。

nictype: bridged や parent: lxdbr0 というプロパティは設定する必要がありません。代わりに network に LXD ネットワークを設定すれば、すべて完了です。

このモードでは、ブリッジの MTU は自動的にネットワークインターフェースから継承します。IPv4/IPv6 アドレスは、ネットワークに設定されたサブネットに対して検証されます。そして、MAAS IPv4, IPv6 サブネットは、個別のインターフェースでなくネットワークを通して設定されるようになりました。

Ceph ドライバーの新しいストレージドライバーインフラストラクチャーへの移植 ¶

Ceph ストレージドライバーが、新しいストレージインフラストラクチャーに移植される最新で最後のドライバーです。ユーザーに見えない変更がありますが、LXD で Ceph をお使いのユーザーは、まずは重要ではないシステムで 3.21 へのアップグレードを試し、ストレージに関連する問題をすみやかに報告することをおすすめします。

この最後のドライバーの移植で、LXD のコードベースからすべての古いストレージインフラストラクチャーを削除する作業を始められるようになりました。これにより、今後の保守が大幅に容易になります。

クラスタリング: アクティブとスタンバイのメンバーの数を設定できるようになりました ¶

クラスターに対する設定オプションをふたつ追加しました。

• cluster.max_voters は、期待するアクティブデータベースクラスターのメンバー数を設定します（投票 (voting)）
• cluster.max_standby は、期待するスタンバイデータベースクラスターのメンバー数を設定します（非投票 (non-voting)）

デフォルトの設定は 3 台の投票 (voting) メンバーと、2 台のスタンバイメンバーです。投票 (voting) メンバーがダウンした場合、スタンバイは速やかに投票 (voting) に昇格し、予備の待機メンバーがスタンバイに昇格するかもしれません。

投票 (voting) メンバーの数を増やすとデータベースのパフォーマンスが低下するでしょう。これは、変更に同意するメンバーの数が増えるからです。スタンバイメンバーの数を増やしてもデータベースのパフォーマンスに影響は与えませんが、データベースバイナリストリームを取得する必要のあるメンバーが増えるので、ネットワーク負荷が増加するでしょう。

ほとんど間髪を入れずに 2, 3 のメンバーを失う可能性があるクラスターでのみ、これらのデフォルト値を増やすことを検討すべきです。

VM: CPU ピンニングとトポロジー ¶

limits.cpu で、コンテナでサポートされているように、特定の CPU ID を設定できるようになりました。例: limits.cpu: 0,2、limits.cpu: 0-3。

リストで指定された物理 CPU（やスレッド）への VM の仮想 CPU のピンニングに加えて、LXD は VM の CPU トポロジーを一致させようとします。

先の例の limits.cpu: 0,2 は、デュアルコアのハイパースレッドサポートの Intel システムでは、最初のコアとそのハイパースレッドを指します。その結果、仮想マシンではシングルソケット、シングルコア、ハイパースレッド CPU で構成され、物理ハードウェアと一致するように両方のスレッドが固定されます。

同じロジックが、ハイパースレッディングサポートの有無に関わらず、マルチソケット、マルチコアのシステムをサポートします。limits.cpu で指定された CPU が実際のハードウェア構成（各ソケットの同じ数のコア、すべてのコア上の同じ数のスレッド、…）と一致する限り、LXD は VM 設定を一致させ、ピンニングも一致するように設定することを保証します。

要求された設定が正しくない場合（ハードウェアと一致しない場合）、LXD はフォールバックし、シングルソケットのハイパースレッディングなしのマルチコア VM を提供し、設定した CPU ID それぞれをコアとして扱います。これは明らかに理想的な状況ではありませんので、このような状況になれば、警告が LXD ログに記録されます。

VM: ネットワークとストレージの最適化 ¶

ネットワークパフォーマンスを改良するため、LXD はネットワークデバイスに vhost_net を使います。

ストレージフロントでは、virtio-scsi ドライブで discard が有効になり、ブロックを破棄したり、ベースのファイルストレージを縮小したり、バックのドライブがブロックをより適切に管理できるようになったりしました。

VM: IPv6 アドレスのエージェントレスのレポーティング ¶

これまでは、仮想マシンの IP アドレスは LXD の DHCP サーバからのみ取得していました。 これは IPv4 では確実に動作しますが、ほとんどの IPv6 デプロイで使う SLAAC では、DHCPv6 リースが付属していないので、LXD では取得されません。

これを回避する方法のひとつは、VM 内で実行する LXD エージェントに頼ることでした。このエージェントは仮想マシン向けにネットワーク情報を取得するのに使います。

しかし、それが不可能な場合でも、LXD は一致する IPv6 アドレスの近傍レコードも参照するようになりました。

stgraber@castiana:~$ lxc list win10
+-------+---------+----------------------+----------------------------------------------+-----------------+-----------+
| NAME  |  STATE  |         IPV4         |                     IPV6                     |      TYPE       | SNAPSHOTS |
+-------+---------+----------------------+----------------------------------------------+-----------------+-----------+
| win10 | RUNNING | 10.166.11.118 (eth0) | 2001:470:b368:4242:9dff:908:98a9:c0c3 (eth0) | VIRTUAL-MACHINE | 0         |
+-------+---------+----------------------+----------------------------------------------+-----------------+-----------+

完全な ChangeLog（翻訳なし） ¶

Here is a complete list of all changes in this release:

• lxd/migrate/container: Fixes migrate refresh final sync snapshot bug
• lxd/migration/migration/volumes: Comment on Data property of VolumeSourceArgs
• lxd/storage/drivers/driver/zfs/volumes: Explain use of volSrcArgs.Data for migration
• lxd/instance/drivers/load: Pass copy of device config to device.Validate
• lxd/device/nic/bridged: Updates use of network pkg functions
• lxd/device/nic/bridged: Uses network.LoadByName to access n.HasDHCPvX() helpers
• lxd/device: networkRandomDevName usage
• lxd/network/network/load: Adds LoadByName function
• lxd/network: Adds network type in network pkg
• lxd/network/network/utils: Moves network utils from main pkg
• lxd/instance/instance/utils: Removes NetworkUpdateStatic function link
• lxd/instance/instance/utils: Adds more instance load functions
• lxd/container: Removes instance load functions moved to instance pkg
• container/lxc: network.UpdateDNSMasqStatic usage
• lxd: instance.LoadNodeAll usage
• lxd: instance.LoadByProject usage
• lxd: instance.LoadByProjectAndName usage
• lxd/device/device/utils/network: Updates network package usage
• lxd/device/device/utils/network: Unexports some non-shared functions
• lxd/network/utils: Removes network utils functions used by network type
• lxd/networks/config: Removes networkFillAuto function
• lxd/networks: Removes network type and networkLoadByName function
• lxd/device: networkCreateVlanDeviceIfNeeded and networkRandomDevName usage
• lxd: network package usage
• test: static analysis of network pkg
• lxd/instance/drivers/driver/qemu: network.GetLeaseAddresses usage
• lxd/instance/instance/utils: Removes linked function NetworkGetLeaseAddresses var
• lxd/network/network/utils: Adds GetMACSlice and GetLeaseAddresses functions
• lxd/networks: Removes networkGetLeaseAddresses functions
• lxd/networks/utils: Removes networkGetMacSlice function
• lxd/instances: Fix URLs to use /1.0/instances
• seccomp: make device number checking more robust
• Define MS_LAZYTIME for compatibility with old glibc
• lxd/vm: Use vhost_net
• lxd/vm: Enable block discard
• shared/archive: Fix out of space logic
• lxd/vm: Set Documentation in systemd units
• lxd/vm: Silence writeback warning for config drive
• lxd/device/nic/bridged: Load br_netfilter kernel module when using IPv6 filtering
• lxd/networks/configs: Adds maas.subnet.ipv{4,6} to allowed network keys
• lxd: Device name quoting in device errors
• lxd/device/nic: Adds network as valid nic property
• lxd/networks: Uses HasDHCPv6 function and updates comment
• lxd/network: Adds DHCP range parsing functions
• lxd/device/nic/bridged: Updates to use network type DHCP ranges functions and types
• lxd/device/nic/bridged: Adds support for network property
• doc: Adds API extension for instance_nic_network
• shared/version/api: Adds API extension for instance_nic_network
• test/suites/container/devices/nic/bridged: Adds network property tests
• doc: Adds network property to instance NIC bridged device
• lxd/storage/zfs: Fix argument ordering
• unix hotplug: skip devices without associated devpath or major/minor
• lxd: Switches to simpler conn.WriteMessage function
• lxd/storage/drivers: Add MountedRoot to Info
• lxd/storage: Honor MountedRoot in pool actions
• lxd/networks: Consider IPv6 neighborhood entries
• lxd: Uses gorilla WriteJSON where possible
• lxd/storage/drivers: Set MountedRoot option
• lxd/main_checkfeature: add explicit _exit() even if it's not needed
• lxd/main_checkfeature: s/exit()/_exit()/g
• cgo: export wait_for_pid() helper
• lxd/main_checkfeature: close listener
• lxd/main_checkfeature: don't depend on kcmp header
• lxd/device: Async CEPH unmap
• lxd/storage/drivers/driver/lvm: Uses d.thinpoolName() rather than d.config["lvm.thinpool_name"]
• lxd/patches: setupStorageDriver usage
• lxd/storage: Renames SetupStorageDriver to setupStorageDriver for consistency
• lxd/storage/drivers/driver/zfs: Adds zfs kernel module load fail detection
• lxd/daemon: setupStorageDriver usage
• lxd/daemon: Comment consistency
• lxd/storage/drivers/driver/lvm: Makes lvm.vg_name required for mounting
• lxd/db/cluster/update: Adds updateFromV23 for ensuring lvm.vg_name key is set
• lxd/db/cluster/update: Superfluous trailing whitespace
• lxd/db/cluster/schema: v24 update
• lxd/device/config/devices: Adds NICType function on Device type
• lxd: Device.NICType usage
• lxd/device/nic/bridged: Bans use of nictype when using network property
• test: Updates nic bridged tests for NICType logic
• lxd/network/network/utils: Fix network in use detection
• lxd-agent/exec: Logs signal forwarding as info rather than error
• lxd/container/exec: Only log finished mirror websocket when go routine exits
• lxd/instance/drivers/driver/qemu: Fix go routine leak and hanging lxc clients
• shared: Upper case first character of some debug messages
• lxd/device/nic/bridged: Switches to dnsmasq.DHCPAllocatedIPs()
• lxd/device/nic/bridged: Switches to dnsmasq.DHCPStaticIPs()
• test/suites/container/devices/nic/bridged: Adds test to detect leaked filters
• lxd/device/nic/bridged: Fixes bug that leaks ebtables filters
• lxd/project: Adds InstanceParts() function for separating project prefixed Instance name
• lxd/storage/load: Updates volIDFuncMake to use project.InstanceParts()
• lxd/util: Fix IP/host tests on other distros
• lxd/storage/drivers: Add Ceph driver
• lxd: Use new storage code for Ceph clustering
• Unlock when isLeader failure
• lxd/storage/ceph: Function ordering and comments
• lxd/storage/ceph: Properly handle os.Remove
• lxd/storage/ceph: Comment consistency
• lxd/storage/ceph: Set DirectIO
• lxd/storage/ceph: Unwrap if statement
• lxd/storage/ceph: Unwrap function signatures
• lxd/storage/ceph: Rework MountVolume
• lxd/patches: Re-run VM path creation
• tests: Add ceph to list of new drivers
• lxd/firewall: Moves iptables/xtables implementation into firewall/drivers package
• Consider the default port when checking address overlap
• lxd/firewall: Updates interface and loader for new pkg
• lxd: firewall/drivers pkg usage
• lxd/device/config/device/proxyaddress: Moves ProxyAddress type
• lxd/main/forkproxy: Updates use of ProxyAddress type
• lxd/device/proxy: Switches to use firewall.InstanceSetupProxyNAT()
• lxd/firewall/firewall/interface: Reworks firewall interface
• Re-disable clustering upgrade test
• lxd: Fix error message when deleting storage pools
• lxd/firewall/drivers/drivers/xtables: Implements xtables driver
• lxd/network/network/utils: Adds UsesIPv4Firewall and UsesIPv6Firewall functions
• lxd/device/nic/bridged: Switches to firewall.InstanceSetupBridgeFilter and InstanceClearBridgeFilter
• lxd/network/network: firewall.NetworkSetupForwardingPolicy usage
• lxd/network: firewall.NetworkSetupOutboundNAT usage
• lxd/network: Updates firewall DHCP/DNS function usage
• lxd/firewall/drivers/consts: Removes unused constants
• lxd/network: Updates to use firewall helper functions
• lxd/dnsmasq: Makes DHCPStaticIPs project aware
• lxd/device/nic/bridged: dnsmasq.DHCPStaticIPs project usage
• lxd/network/network/utils: dnsmasq.DHCPStaticIPs project usage
• test: Removes old iptables package from static analysis
• test: Fixes iptables rule leak in clustering test
• shared: Add HostPathFollow
• lxc/file: Follow symlinks on individual file transfers
• lxd/container: Protect file push/pull from shift
• Add cluster.n_voters and cluster.n_standby configuration keys
• Load configuration keys when checking for n of voters/stand-by
• doc/clustering.md: describe usage of clustering size config keys
• Drive-by: fix check for degraded cluster
• doc/server.md: add cluster.max_voters/max_standby
• api: Add clustering_sizing extension
• Revert "lxd/instance/drivers/driver/qemu: Fix go routine leak and hanging lxc clients"
• lxd/instance: Move ParseCpuset
• lxd/vm/qmp: Allow retrieving vCPU pids
• lxd/vm: Implement CPU pinning
• shared: get_poll_revents(): handle EAGAIN in addition to EINTR
• lxc: send SIGTERM when there's no controlling terminal
• shared: Add Uint64InSlice
• lxd/vm: Template sockets/cores/threads config
• lxd/vm: Attempt to line up CPU topology
• lxd init: Don't allow empty strings for the cluster host name
• node/config.go: Don't allow wild card addresses for cluster.https_address
• idmap:acl: don't add but update the acls
• shared/util: Tweak HostPathFollow to use readlink
• lxc/file: Expand complex symlink chains
• i18n: Update translations from weblate

試用環境 ¶

この新しい LXD リリースは私たちの デモサービス で利用できます。

ダウンロード ¶

このリリースの tarball は ダウンロードページ から取得できます。

ビルド済みバイナリーは次のように使えます:

• Linux: snap install lxd
• MacOS: brew install lxc
• Windows: choco install lxc

LXD 3.20 リリースのお知らせ¶

30th of January 2020

はじめに ¶

LXD チームは、LXD 3.20 のリリースをお知らせすることにとてもワクワクしています!

私たちは、LXD 3.19 のリリースのあとに行われた多数の機能強化とバグ修正をすばやくまとめるために、通常の 1 ヶ月ごとのリリースから 2 週間のリリースに短縮しました。LXD 4.0 のリリースまでこのペースを保つつもりで、その後通常の 1 ヶ月ごとのリリースに戻る予定です。

このリリースは、オースティンのテキサス大学の学生のコントリビュートによる、3 つの機能追加・改良を含みます。

• API コレクションのサーバ側でのサポート
• 新しい unix-hotplug デバイスタイプ
• バックグラウンドプロセス管理の見直し

これらのインテグレーションに加えて、私たちが考える VM ストーリーの現在存在するギャップを埋めることにもフォーカスを当てており、3.19 リリース以来の多数のバグを修正し、ネットワークインターフェースの処理を完了し、ppc64le サポートを追加し、ブートデバイスの順序設定をサポートしました。

Enjoy!

ハイライト ¶

API コレクションのサーバー側でのサポート ¶

ユーザーが扱うインスタンスやイメージがますます大きくなるにつれ、それらのすべてのレコードをクライアント側でフィルタリングすることは非常にコストが高くなる可能性があります。このリリースでは、サーバー側でのフィルタリングのインフラストラクチャと初期実装を追加しました。

これは次のようになります:

stgraber@castiana:~/data/code/lxc/lxd (lxc/master)$ lxc query '/1.0/instances?filter=config.image.os%20eq%20ubuntu'
[
    "/1.0/instances/snapcraft",
    "/1.0/instances/ups-monitor",
    "/1.0/instances/v1",
    "/1.0/instances/maas01",
    "/1.0/instances/steam",
    "/1.0/instances/lxd-build"
]

これは、URL エンコーディングを使って、フィルターとして config.image.os eq ubuntu を使っています。フィルタリングオプションの詳しくはこちら をご参照ください。

新しい unix-hotplug デバイスタイプ ¶

このデバイスタイプは usb と unix-char と unix-block のちょうど中間のようなものです。

特定の vendorid/productid を指定でき、その結果として unix-char/unix-block デバイスを自動的にコンテナに渡すことができます。

USB デバイスの例です:

stgraber@castiana:~$ lxc config device add c1 kingston unix-hotplug vendorid=0951 productid=1666
Device kingston added to c1

stgraber@castiana:~$ lxc exec c1 bash
root@c1:~# ls -lh /dev/
total 0
crw--w---- 1 root   tty     136,   0 Jan 30 23:00 console
lrwxrwxrwx 1 root   root          11 Jan 30 22:59 core -> /proc/kcore
lrwxrwxrwx 1 root   root          13 Jan 30 22:59 fd -> /proc/self/fd
crw-rw-rw- 1 nobody nogroup   1,   7 Jan 13 03:59 full
crw-rw-rw- 1 nobody nogroup  10, 229 Jan 30 22:59 fuse
lrwxrwxrwx 1 root   root          25 Jan 30 22:59 initctl -> /run/systemd/initctl/fifo
lrwxrwxrwx 1 root   root          28 Jan 30 22:59 log -> /run/systemd/journal/dev-log
drwxr-xr-x 2 nobody nogroup       60 Jan 30 22:46 lxd
drwxrwxrwt 2 nobody nogroup       40 Jan 13 03:59 mqueue
drwxr-xr-x 2 root   root          60 Jan 30 22:59 net
crw-rw-rw- 1 nobody nogroup   1,   3 Jan 13 03:59 null
crw-rw-rw- 1 root   root      5,   2 Jan 30 22:59 ptmx
drwxr-xr-x 2 root   root           0 Jan 30 22:59 pts
crw-rw-rw- 1 nobody nogroup   1,   8 Jan 13 03:59 random
drwxrwxrwt 2 root   root          40 Jan 30 22:59 shm
lrwxrwxrwx 1 root   root          15 Jan 30 22:59 stderr -> /proc/self/fd/2
lrwxrwxrwx 1 root   root          15 Jan 30 22:59 stdin -> /proc/self/fd/0
lrwxrwxrwx 1 root   root          15 Jan 30 22:59 stdout -> /proc/self/fd/1
crw-rw-rw- 1 nobody nogroup   5,   0 Jan 30 21:23 tty
crw-rw-rw- 1 nobody nogroup   1,   9 Jan 13 03:59 urandom
crw-rw-rw- 1 nobody nogroup   1,   5 Jan 13 03:59 zero

root@c1:~# ls -lh /dev/
total 1.0K
drwxr-xr-x 3 root   root          60 Jan 30 23:01 bus
crw--w---- 1 root   tty     136,   0 Jan 30 23:00 console
lrwxrwxrwx 1 root   root          11 Jan 30 22:59 core -> /proc/kcore
lrwxrwxrwx 1 root   root          13 Jan 30 22:59 fd -> /proc/self/fd
crw-rw-rw- 1 nobody nogroup   1,   7 Jan 13 03:59 full
crw-rw-rw- 1 nobody nogroup  10, 229 Jan 30 22:59 fuse
lrwxrwxrwx 1 root   root          25 Jan 30 22:59 initctl -> /run/systemd/initctl/fifo
lrwxrwxrwx 1 root   root          28 Jan 30 22:59 log -> /run/systemd/journal/dev-log
drwxr-xr-x 2 nobody nogroup       60 Jan 30 22:46 lxd
drwxrwxrwt 2 nobody nogroup       40 Jan 13 03:59 mqueue
drwxr-xr-x 2 root   root          60 Jan 30 22:59 net
crw-rw-rw- 1 nobody nogroup   1,   3 Jan 13 03:59 null
crw-rw-rw- 1 root   root      5,   2 Jan 30 22:59 ptmx
drwxr-xr-x 2 root   root           0 Jan 30 22:59 pts
crw-rw-rw- 1 nobody nogroup   1,   8 Jan 13 03:59 random
brw-rw---- 1 root   root      8,   0 Jan 30 23:01 sda
brw-rw---- 1 root   root      8,   1 Jan 30 23:01 sda1
drwxrwxrwt 2 root   root          40 Jan 30 22:59 shm
lrwxrwxrwx 1 root   root          15 Jan 30 22:59 stderr -> /proc/self/fd/2
lrwxrwxrwx 1 root   root          15 Jan 30 22:59 stdin -> /proc/self/fd/0
lrwxrwxrwx 1 root   root          15 Jan 30 22:59 stdout -> /proc/self/fd/1
crw-rw-rw- 1 nobody nogroup   5,   0 Jan 30 21:23 tty
crw-rw-rw- 1 nobody nogroup   1,   9 Jan 13 03:59 urandom
crw-rw-rw- 1 nobody nogroup   1,   5 Jan 13 03:59 zero
root@c1:~# exit

上記で、USB キーを挿すと sda と sda1 が現れています。

Yubikey では:

stgraber@castiana:~$ lxc config device add c1 yubikey unix-hotplug vendorid=1050
Device yubikey added to c1

stgraber@castiana:~$ lxc exec c1 bash
root@c1:~# ykman info
Device type: YubiKey 5C
Serial number: 11576019
Firmware version: 5.2.4
Form factor: Keychain (USB-C)
Enabled USB interfaces: FIDO+CCID

Applications
OTP         Disabled    
FIDO U2F    Enabled     
OpenPGP     Enabled     
PIV         Enabled     
OATH        Disabled    
FIDO2       Enabled     
root@c1:~#

スタンバイクラスターメンバーのサポート ¶

dqlite ベースのクラスターデータベースロジックが拡張され、新たに dqlite でサポートされた standby ロールと idle ロールが使えるようになりました。

この変更で、すべてのクラスターメンバーは dqlite に統合され、それぞれが次の 3 つのロールをひとつを持つようになりました:

• voting メンバー
• standby メンバー
• idle メンバー

設定は 3 つの voting メンバー、5 つの standby メンバーと、残りのメンバーが idle となります。voting メンバーが失われると、短いタイムアウトの後、voting メンバーでないメンバーが自動的に voting に昇格します。idle メンバーは voting と standby メンバーの必要数を維持するために、voting メンバー以外に昇格します。

その結果、はるかに回復力のある LXD クラスターになり、メンテナンスや電源障害のためにオフラインになるクラスターメンバーを適切に処理します。

VM: NIC サポートの拡張 ¶

このリリースで、仮想マシンの nic デバイスがサポートされました:

• macvlan (macvtapを使用)
• sriov
• physical
• p2p

SR-IOV と物理 NIC のパススルーは、仮想マシンへの PCI パススルーを使っています。これには適切な IOMMU セットアップと適切な PCI セットアップが必要です。

VM: ブートの優先度 ¶

仮想マシンで使う disk と nic タイプのデバイスすべてに boot.priority オプションが新たに存在するようになりました。優先度が高いほど、VM がそのデバイスからブートする可能性が高くなります。

root ディスクからブートするデフォルトの動作でなく、常にネットワークから VM をブートしたい場合に特に役に立ちます。

VM: ppc64le ホストのサポート ¶

ppc64le ホストの初期サポートを追加しました。これは、PCIe でなく通常の PCI バスが使われ、ファームウェアが UEFI でなく SLOF であるという点を除いて、x86_64 と aarch64 とほぼ同じように動作します。

完全な Changelog （翻訳なし）¶

Here is a complete list of all changes in this release:

• Fix typo
• Add role column to raft_nodes table
• Make db.RaftNode an alias for dqlite.NodeInfo, which has a Role field
• lxd/cluster: rename raft.go to info.go
• Drop legacy newRaft() function, leftover from the hashicorp/raft time
• Replace raftAddressProvider intefrace with a simple raftAddress() method
• Gateway.currentRaftNodes(): return only voting nodes
• Use the ID from the cluster nodes table as raft ID
• Make RaftNodesReplace() skip non-voters
• Include role when exchanging nodes in join/rebalance internal APIs
• Always join the dqlite cluster, possibly as non-voter
• Attempt to probe to a member which is considered offline
• Connect to the target node before spanwing the image replication goroutine
• Only contact voter nodes when searching for the cluster leader
• Configure the dqlite client store to only connect to voter nodes
• Load the role column of raft_nodes in db.RaftNodes()
• Store the role of a node in RaftNodesReplace
• Only start the dqlite engine for voter nodes
• Include role information in heartbeat messages
• Return also non-voter nodes in currentRaftNodes
• Fix ineffective heartbeat upon join
• Drop unused target variable in Join/Promote/Leave cluster functions
• Start the dqlite engine also on non-voter nodes
• Add cluster.Handover which finds a node eligible to become voter
• Extract logic to POST a promote request into a new changeMemberRole() function
• Attempt to transfer leadership to another member when shutting down
• Add /internal/cluster/handover endpoint to transfer voter role
• Add handoverMemberRole() helper to transfer the responsibilities of a member
• Update gateway's identify info upon role change
• Rename cluster.Promote to cluster.Assign
• Rename /internal/cluster/promote to /internal/cluster/assign
• Remove database role when demoting
• When a voter is shutdown, handover the role to another member
• Assign up to 2 StandBy roles beyond the initial 3 voters
• Return only voter nodes in cluster.ListDatabaseNodes()
• When leaving, use currentRaftNodes() instead of querying the raft_nodes table
• Redirect member delete requests to the leader
• Serialize membership-related requests on the leader
• Drop clusterRebalance helper, since it is used only once
• Drop ineffective post-join heartbeat
• Add rebalanceMemberRoles() helper and use it in the delete member API handler
• Drop unused tryClusterRebalance()
• Test shutting down two members concurrently
• Close dqlite clients after use
• Automatically demote offline nodes when running cluster.Rebalance
• Automatically promote spare nodes if a voter goes offline
• Assign roles to members not part of the raft configuration
• Export MaxVoters and MaxStandBys
• Trigger rebalance also if there are not enough voters or standbys
• Downgrade rebalance error to warning, it should not block node removal
• lxd/container: Improves error messages in instanceValidDevices
• lxd/container: instance.ValidDevices usage
• lxd/container/lxc: instance.ValidDevices usage
• lxd/device/config/devices: Improves error messages
• lxd/device/disk: Adds support for VM disk devices
• lxd/instance/instance/interface: Comment ending consistency
• lxd/instance/qemu/vm/qemu: Fixes driver index loop bug
• lxd/instance/instance/utils: Introduces constant to indicate profile validation in instance name
• lxd/profiles: Switches to use instance.ProfileValidationName during profile validation
• lxd/device/disk: Updates Stop device to understand VM disks
• Make cluster.Rebalance fail immediately if not leader
• Export cluster.ErrNotLeader
• Silence warning about failing to rebalance when not leader
• lxd/storage/drivers/driver/common: Removes generic vfs functions as not common to all driver types
• Re-enable clustering upgrade test
• lxd/storage/drivers/generic/vfs: Moves generic VFS drivers into standalone file
• lxd/storage/drivers: Updates usage of generic VFS functions
• Add upgrade test for an 8-member cluster
• Make upgrade notifications more robust
• Wait for leadership to settle before running lxc cluster list
• lxd/instance: Moves vm qemu pkg into instance/drivers pkg
• lxd/instance/drivers/container/lxc: Adds placeholder for future lxc implementation
• lxd/instance/drivers/load: Adds instance load functions
• lxd/container: Removes unused functions
• lxd/db/containers: Renames ContainerToArgs to InstanceToArgs
• lxd/container: db.InstanceToArgs usage
• lxd/profiles/utils: db.InstanceToArgs usage
• lxd/profiles/utils: Updates use of containerLXCInstantiate
• lxd/container/lxc: Push containerLXC load functions into instance/drivers package
• lxd/container/lxc: containerLXCInstantiate usage
• lxd/container/lxc: Makes containerLXCInstantiate compatiable with generic instance load functions
• lxd/containers: instance.Load usage
• lxd/containers/post: instance.Load usage
• lxd/instance/drivers/vm/qemu: Unexport and rename load functions
• lxd/instance/instance/utils: Load function comments
• lxd/instance/instance/utils: Adds Create instance function placeholder
• lxd/instance/instance/utils: db.InstanceToArgs usage
• lxd/instance/drivers/vm/qemu: Unexports qemu implementation
• lxd/exec: Pass full req through
• lxd/exec: Forward control messages
• lxd/containers: Fix error handling on stop
• lxd/vm: Fix stop race condition
• lxd/vm: Add locking for stop and shutdown
• lxd/vm: Don't crash on vm-initiated reboots
• lxd/storage: Remove legacy volume.size check
• lxc/init: Consider image type for instance type
• i18n: Update translation templates
• tests: Update volume.size tests
• lxd/vm: Store qemu log
• [Makefiles] Whitelist ldflags in libcap pkgconfig
• lxd/vm: Fix incorrect bootindex
• lxd/vm: Implement snapshot restore
• lxd/instance: Move LoadAllInternal
• lxd/vm: Implement Snapshots
• lxd/storage/drivers/utils: Updates ensureVolumeBlockFile to use minimum block boundary size of 8192 bytes
• lxd/storage/drivers/driver/lvm/utils: Avoid repetition of 512 bytes in roundedSizeBytesString
• doc: Corrects lvm striping options
• lxd/instance: Renames driver files for consistency
• lxd/instance: Comment clarification
• lxd-agent: Fixes bug when agent not seen as started if LXD restarted
• lxd/device/device/utils/network: Adds host MTU support for VM tap devices
• lxd/device/nic/bridged: Makes VM host side TAP interface name prefixed with "tap"
• lxd/instance/drivers/qemu: Switch to template pkg to generate qemu conf
• doc/api-extensions: Fix syntax
• api: vm_boot_priority
• lxd/vm: Add boot.priority
• lxd/container/logs: Makes log file retrieval project aware
• lxd/container/lxc: Adds devName skipping for startCommon
• lxd/device/config/device/runconfig: Adds DevName to MountEntryItem
• lxd/device/disk: Adds DevName to MountEntryItem
• lxd/device: Adds devName property to network interface run config
• lxd/instance/drivers/driver/qemu: Adds support for Disk and NIC device boot.priority setting
• Use a light TCP/TLS connection attempt instead of a client request
• lxd/container/exec: Removes duplication of env map now its being stored back into post data
• Revert "lxd/exec: Forward control messages"
• lxd/instance/drivers/driver/qemu/cmd: Makes qemu cmd struct qemu specific
• lxd/instance/drivers/driver/qemu: Simplifies Exec with revert
• lxd/container/exec: Cleaned up logging
• lxd/container/exec: Switches to use instance command for resizing window
• lxd/container/lxc/exec/cmd: Adds WindowResize
• lxd/instance/instance/exec/cmd: Adds WindowResize function to signature
• lxd/instance/drivers/driver/qemu: Reworks command control
• lxd/instance/drivers/driver/qemu/cmd: Adds WindowResize support
• lxd/instance/drivers/driver/qemu: Sets PID to 0 for VM commands
• lxd/instance/drivers/driver/qemu: comment on forwardControlCommand
• lxd/device/nic/p2p: Adds VM support
• Fix translation of hard-coded address of first node
• Close http transports since they might keep connections around
• lxd/daemon: Ignore SIGHUP
• lxd/instance/drivers/driver/qemu: Switch to unsafe async I/O mode on ZFS pools backed by loop files
• lxd/storage: Improves pool init failure messages
• lxd/storage/drivers: Indicates DirectIO support for most storage drivers
• lxd/storage/drivers/driver/types: Adds DirectIO indicator to driver info struct
• shared/version/version: Quotes malformed version string in error message
• lxd/storage/drivers/driver/zfs: Adds DirectIO detection based on version
• lxd/instance/drivers/driver/qemu: Unmounts volume on start failure if needed
• lxd/device: Relaxes requirement for name property when not using containers
• lxd/device/nic/macvlan: Clean up valid fields
• lxd/device/nic/macvlan: Adds VM support and improves revert
• lxd/instance/drivers/driver/qemu: Adds macvtap support
• lxd/instance/drivers/driver/qemu/templates: Moves templates to separate file
• lxd/instance/drivers/driver/qemu: Updates template usage
• lxd/storage/drivers/driver/dir: Adds HostPath support
• storage: Fix xfs_growfs command for older versions
• shared/simplestreams: Fix architecture filtering
• lxd/patches: Reset ZFS mountpoint/canmount
• shared/simplestreams: Fix inconsistent sorting
• lxd/instances: Don't rquire type on copy
• lxc/config: Tweak argument processing
• lxd/vm: Prevent attaching directory as disk
• lxd/storage/zfs: Ignore bookmarks
• lxd/storage/btrfs: Skip missing quota
• doc/instance: Clarifies disk path not available for VMs
• lxd/instance/drivers/qmp/monitor: Prevent crashes with races closing closed channel
• lxd/instance/drivers/driver/qemu: Improve clean up on start failure
• Fix request redirect when removing a cluster member
• lxd/storage/backend/lxd: Only detect volume.block.filesystem changes on block backed pool FS volumes
• lxd/migration/migration/volumes: Adds support for pre-bidirectional negotiation targets
• lxd/container/lxc: Removes VM specific NIC config ignoring
• lxd/device: Only return devName NIC config item for VMs
• lxd/device/nic/physical: Improves revert and deletion of created VLAN devices
• lxd/instance/drivers/driver/qemu/templates: Clarifies qemuNetdevPhysical variables
• lxd/device/nic/macvlan: Differentiates config parent from actual parent
• lxd/device/device/utils/network: Adds networkGetDevicePCIDevice function
• lxd/device/nic/sriov: Updates networkGetVFDevicePCISlot to use networkGetDevicePCIDevice
• lxd/instance/drivers/driver/qemu: Adds physical NIC passthrough support
• shared/instance: Updates config key checker to allow ".driver" keys
• doc/instance: Documents which device types can be used with which instance types
• lxd/device/device/utils/network: Adds generic PCI device bind/unbind functions
• lxd/device/device/utils/network: Adds networkVFIOPCIRegister
• lxd/device/nic/sriov: Switches PCI device bind/unbind to generic functions
• lxd/device/nic/physical: Adds VM PCI passthrough support
• lxd/device: Unexports NetworkRemoveInterfaceIfNeeded
• lxd/instance: Add NetworkUpdateStatic
• Add maasRename to VM
• lxd/storage/generic: Don't fail rename on missing path
• lxd/storage/zfs: Fix block mounts
• lxd/storage/zfs: Fix renames
• lxd/vm: Implement Rename
• lxd/device/nic/sriov: Adds VM support
• lxd/instance/drivers/driver/qemu: Mount VM config vol before generating NVRAM file
• lxd/device: Add unix_hotplug device type
• lxd/device: Add support for listening to unix char and block udev events
• lxd/storage: Pass config when deleting images
• lxd/devices: Remove dead xtables code
• lxd/iptables: Fix matching of IPv6 link-local
• lxd: Updates usage of migration.MatchTypes
• lxd/migration/migration/volumes: Updates MatchTypes to return all supported migration types
• lxd/migration/migration/volumes: Break after first rsync transport features extracted
• shared/subprocess: Cleanup test script
• shared/subprocess: Fix Wait, tty and ignore stdin
• shared/subprocess: Better handle not running
• lxd/networks: Avoid dnsmasq reload on start
• lxd: Switch to using the new subprocess module
• lxd/patches: Convert PID files
• shared/subprocess: Cleanup tests
• shared/subprocess: Use channel for Wait
• lxd/apparmor: Allow ro,remount,noatime,bind
• lxd/storage/drivers: Pass mountPath to xfs_growfs
• lxd/container: Removes containerValidName function
• lxd/container: Switches to instance.ValidName
• lxd/instance/instance/utils: Adds ValidName function
• shared/util: Modifies ValidHostname to return specific error
• shared/instance: InstanceGetParentAndSnapshotName comments
• lxd/storgage/locking/lock: Fixes concurrent access race to map
• global: Replace Fatalf by Errorf in tests
• shared/generate: Fix regression caused by Fatalf fix
• devices: retrieve vendor and product for hidraw devices
• lxd/db: Fix for new testify
• lxd/main: Adds cmdGlobal.rawArgs function
• lxd: Adds forklimits command
• lxd/instance/drivers/driver/qemu: Switches to launching qemu via forklimits
• devices: substract libudev header
• lxd/db: adds unix-hotplug device type to database
• lxd/instance/drivers/driver/qemu: Adds qemu binary path lookup
• lxd/main/forklimits: Switches forklimits to use syscall.Exec
• shared/cert: Replace default IPs with localhost
• shared/subprocess: Improve error in test
• spelling: yaml should be YAML
• spelling: Busybox should be BusyBox
• i18n: Update translation templates
• doc/storage: Update for snap package
• api: Add extension for new device type unix hotplug
• doc/instances: added new device type unix hotplug
• doc: Add libudev-dev dependency
• lxd/vm: Record architecture name
• lxd/vm: Cleanup qemu config
• lxd/vm: Add ppc64el support
• lxd/device/device/common: Splits device common into own file
• lxd/device/device: Removes original device.go file
• lxd/device/device/interface: Splits device interfaces into own file
• lxd/device/device/load: Separates device load functions into own file
• lxd/instance/drivers/driver/common: Adds common driver type
• lxd/instance/instance/interface: Adds ConfigRead interface
• lxd/instance/drivers/load: Updates validDevices() to use device.Validate function
• lxd/instance/instance/utils: Removes instanceName from validateDevices function
• lxd/instance/drivers/driver/qemu: Embeds common type and removes dupe functionality
• lxd: instance.ValidDevices usage
• lxd/device/device/utils/instance: Adds instanceSupported function
• lxd/device: Updates device validateConfig to support instance.ConfigReader argument
• api: Add api_filtering extension
• lxd/filter: Add API filtering package
• lxd/instance: Add instance list filtering functions
• lxd: Make use of filtering for instances and images
• doc/rest-api: Document filtering
• tests: Add tests for API filtering
• lxd/filter: Workaround gofmt bug
• lxd/device/disk: Adds a check for mkisofs tool for qemu config drive
• lxd/device/nic/sriov: Loads vfio-pci module
• tests: Fix BusyBox spelling for filtering
• lxd/vm: Fix bad bus name on ppc64el
• lxd/vm: Don't specify addresses for pci on ppc64
• i18n: Update translations from weblate

試用環境 ¶

この新しい LXD リリースは私たちの デモサービス で利用できます。

ダウンロード ¶

このリリースの tarball は ダウンロードページ から取得できます。

ビルド済みバイナリーは次のように使えます:

• Linux: snap install lxd
• MacOS: brew install lxc
• Windows: choco install lxc

LXD 3.19 リリースのお知らせ¶

16th of January 2020

はじめに ¶

LXD チームは、LXD 3.19 のリリースをお知らせすることにとてもワクワクしています!

このリリースは、私たちがここ数ヶ月取り組んできた大きな機能である仮想マシンサポートを含む、盛りだくさんのリリースです! システム上で LXD を実行し、まったく同じ CLI や API を通して、そしてクラスターデプロイの一部としても、コンテナと仮想マシンの両方を管理できるようになりました!

このリリースでは、多数の他の機能、ユーザ体験の改良、修正を行っており、今までで最も精力的なリリースになっています。

Enjoy!

PS: このリリースは、通常の月ごとの開発サイクルより少し長い時間がかかりました。この遅れはストレージレイヤーの再実装の大部分を完成させただけでなく、それをベースに仮想マシンサポートを行いたいと思ったからです。次の数回の LXD リリースは、3/4 月の大物リリースである 4.0 を前にペースを早めて行う予定です。

ハイライト ¶

仮想マシンサポート ¶

このリリースのメインのハイライトは LXD を使って仮想マシンを実行するための初期サポートであることは間違いありません。

まさしくその通りです。システムコンテナと仮想マシンを組み合わせられるようになりました。 仮想マシンもイメージから作成され、コンテナと同じストレージプールに格納され、コンテナと同じネットワークに接続され、プロファイルを通して同じ設定を共有できます。

仮想マシン内部で LXD エージェントを実行すると、通常の exec、file、info 機能が使えるので、仮想マシンの操作がコンテナの操作とほとんど同じに行えます。

これは初期の作業であり、まだ実装されていない部分が多数ありませすが、現状、仮想マシンが Ubuntu イメージ（今後は他のディストリビューションでも）から、もしくは PXE ブートから作成できます。

すべての仮想マシンはセキュアブート有効の UEFI を実行し、コア数とメモリ割り当て、メモリに専用の Hugepage を使うかどうかの設定をサポートします。 cloud-init は設定されたドライブを通して、もしくはイメージ内に存在するエージェントを使うことで VM で使用できます。

Ubuntu 18.04 VM の作成し、エージェントをインストールし、詳細を問い合わせ、内部でシェルを取得する基本的な例を示します:

stgraber@castiana:~$ lxc profile create vm
stgraber@castiana:~$ lxc profile edit vm
stgraber@castiana:~$ lxc profile show vm
config:
  user.user-data: |
    #cloud-config
    ssh_pwauth: yes
    apt_mirror: http://us.archive.ubuntu.com/ubuntu/
    users:
      - name: ubuntu
        passwd: "$6$s.wXDkoGmU5md$d.vxMQSvtcs1I7wUG4SLgUhmarY7BR.5lusJq1D9U9EnHK2LJx18x90ipsg0g3Jcomfp0EoGAZYfgvT22qGFl/"
        lock_passwd: false
        groups: lxd
        shell: /bin/bash
        sudo: ALL=(ALL) NOPASSWD:ALL
description: VM specific configuration
devices:
  config:
    source: cloud-init:config
    type: disk
name: vm
used_by:

stgraber@castiana:~$ lxc launch ubuntu:18.04 v1 --vm --profile default --profile vm
Creating v1
Starting v1

stgraber@castiana:~$ lxc console v1
To detach from the console, press: <ctrl>+a q

Ubuntu 18.04.3 LTS v1 ttyS0

v1 login: ubuntu
Password: 
Welcome to Ubuntu 18.04.3 LTS (GNU/Linux 4.15.0-74-generic x86_64)

ubuntu@v1:~$ sudo -i
root@v1:~# mount -t 9p config /mnt/
root@v1:~# cd /mnt/
root@v1:/mnt# ./install.sh 
Created symlink /etc/systemd/system/multi-user.target.wants/lxd-agent.service → /lib/systemd/system/lxd-agent.service.
Created symlink /etc/systemd/system/multi-user.target.wants/lxd-agent-9p.service → /lib/systemd/system/lxd-agent-9p.service.

LXD agent has been installed, reboot to confirm setup.
To start it now, unmount this filesystem and run: systemctl start lxd-agent-9p lxd-agent
root@v1:/mnt# reboot

stgraber@castiana:~$ lxc info v1
Name: v1
Location: none
Remote: unix://
Architecture: x86_64
Created: 2020/01/17 02:23 UTC
Status: Running
Type: virtual-machine
Profiles: default, vm
Pid: 2490333
Ips:
  enp5s0:   inet    10.166.11.3
  enp5s0:   inet6   2001:470:b368:4242:216:3eff:fed2:cd5
  enp5s0:   inet6   fe80::216:3eff:fed2:cd5
  lo:   inet    127.0.0.1
  lo:   inet6   ::1
Resources:
  Processes: 22
  Disk usage:
    root: 23.51MB
  CPU usage:
    CPU usage (in seconds): 6
  Memory usage:
    Memory (current): 179.20MB
    Memory (peak): 201.19MB
  Network usage:
    enp5s0:
      Bytes received: 1.71kB
      Bytes sent: 1.94kB
      Packets received: 14
      Packets sent: 18
    lo:
      Bytes received: 6.19kB
      Bytes sent: 6.19kB
      Packets received: 84
      Packets sent: 84

stgraber@castiana:~$ lxc exec v1 bash
root@v1:~# ps aux | grep lxd
root       787  1.5  1.6 747700 16300 ?        Ssl  02:25   0:00 /run/lxd_config/9p/lxd-agent
root      1024  0.0  0.0  14856  1004 pts/0    S+   02:26   0:00 grep --color=auto lxd

ストレージレイヤーの再実装 ¶

仮想マシンサポートの作業の一環として、ストレージレイヤーを完全に書き直しました。 これにより、仮想マシン向けのブロックデバイスの保存サポートを追加し、長年に渡って蓄積してきた多くの問題を解決し、ストレージレイヤーの進化のために行われました。

これにはユーザーに見える影響はありません。適切に動作すれば、新しいロジックは以前のロジックと全く同じように動作するはずですが、バグがある可能性はあります。

以降は、新しいストレージドライバーサポートの追加が容易になりました。そして、優れた抽象化が導入されたおかげで、ストレージ操作の大部分が共通のロジックを使うようになり、コードの重複とコードベース全体でのバグの重複リスクが大幅に減少しました。

これだけの膨大な作業であればバグがあることが予想されます。私たちは報告があった問題に可能な限り対処するために素早く対応するようにします。そして、安定する前に candidate チャンネルを通して、あまり重要でないシステム上で LXD 3.19 をテストすることを強くおすすめします。

テキサス大学の学生による貢献 ¶

オースティンのテキサス大学のたくさんの学生グループが、仮想化クラスの課題の一部として LXD 機能への貢献を行ってきています。

このリリースでは、次のものを含みます:

• 複数アーキテクチャのクラスタリング
• Ceph rbd/fs ボリュームのダイレクトアタッチ
• イメージへのプロファイルのアタッチ
• ディスクデバイスのカスタムなマウントオプション
• LVM ストライピング（ストレージレイヤーの再実装により一部の作業は置き換えられました）

現在、さらに多くの機能が行われ、次の LXD リリースに含まれる予定です。

LXD チームは、これらの貢献とプロジェクトへの新しいコントリビューターとのやりとりを本当に楽しんでおり、参加の学生の実りが多くなることを願っています。

その他の新機能 ¶

lxc list カラムのデバイスキー ¶

lxc list に、デバイスの設定値を表示する追加カラムの定義ができるようになりました。

例:

stgraber@castiana:~$ lxc list -c nst,config:image.os:OS,devices:eth0.parent:BRIDGE
+--------+---------+-----------------+--------+--------+
|  NAME  |  STATE  |      TYPE       |   OS   | BRIDGE |
+--------+---------+-----------------+--------+--------+
| maas01 | STOPPED | CONTAINER       | ubuntu | lxdbr0 |
+--------+---------+-----------------+--------+--------+
| v1     | STOPPED | VIRTUAL-MACHINE | ubuntu | lxdbr0 |
+--------+---------+-----------------+--------+--------+
| v2     | STOPPED | VIRTUAL-MACHINE | ubuntu | lxdbr0 |
+--------+---------+-----------------+--------+--------+
| v3     | STOPPED | VIRTUAL-MACHINE |        | lxdbr0 |
+--------+---------+-----------------+--------+--------+

routed ネットワークモード ¶

新たにネットワークインターフェースの nictype に routed モードを追加しました。 routedモードには下層の liblxc につい最近追加された機能が必要です。そして、このモードは実質的にコンテナとホスト間のポイント・ツー・ポイントのリンクを設定し、そのリンクを使って IP をコンテナへルーティングします。

stgraber@castiana:~$ lxc config device add c1 eth0 nic nictype=routed ipv4.address=10.255.243.155
Device eth0 added to c1
stgraber@castiana:~$ lxc start c1
stgraber@castiana:~$ lxc list c1
+------+---------+-----------------------+------+-----------+-----------+
| NAME |  STATE  |         IPV4          | IPV6 |   TYPE    | SNAPSHOTS |
+------+---------+-----------------------+------+-----------+-----------+
| c1   | RUNNING | 10.255.243.155 (eth0) |      | CONTAINER | 0         |
+------+---------+-----------------------+------+-----------+-----------+

コンテナへの Ceph RBD と FS のダイレクトアタッチ ¶

LXD が管理していない Ceph 上の既存の RBD もしくは FS ボリュームを持っており、従来のディスクデバイス経由でアタッチできないユーザーは、そのようなボリュームを直接コンテナにアタッチできるようになりました。

これは disk デバイスの source に特別な値を設定して行います。

例: - source=ceph-rbd:pool/volume - source=ceph-fs:fs/path

さらに、Ceph クラスターとユーザーを設定するために、設定項目が追加されました。

• ceph.cluster_name
• ceph.user_name

ディスクデバイスのカスタムマウントオプション ¶

新たに disk デバイスに対して raw.mount_options の設定が追加されました。 これは任意に設定可能なリストで、コンテナにディスクをアタッチする際に使うマウントオプションをカンマ区切りで指定します。

イメージへのプロファイルのアタッチ ¶

複数プロファイルのセット（組み合わせ）をプロファイルに設定できるようになりました。イメージから作られた新しいインスタンスは、デフォルトプロファイルの代わりにプロファイルのセットを使います。

これは lxc image edit 経由で設定し、イメージの自動更新でも維持されます。

stgraber@castiana:~$ lxc image show a722a8eb4d31
auto_update: true
properties:
  architecture: amd64
  description: Alpine 3.8 amd64 (20200116_13:00)
  os: Alpine
  release: "3.8"
  serial: "20200116_13:00"
  type: squashfs
public: false
expires_at: 1969-12-31T19:00:00-05:00
profiles:
- default

stgraber@castiana:~$ lxc image edit a722a8eb4d31

stgraber@castiana:~$ lxc image show a722a8eb4d31
auto_update: true
properties:
  architecture: amd64
  description: Alpine 3.8 amd64 (20200116_13:00)
  os: Alpine
  release: "3.8"
  serial: "20200116_13:00"
  type: squashfs
public: false
expires_at: 1969-12-31T19:00:00-05:00
profiles:
- blah

stgraber@castiana:~$ lxc launch a722a8eb4d31 a1
Creating a1
Starting a1

stgraber@castiana:~$ lxc info a1 | grep Profiles
Profiles: blah

mount システムコールのインターセプト ¶

システムコールのインターセプトのためのレイヤーが拡張され、mount システムコールのインターセプトをサポートしました。

これは、通常は非特権コンテナ内でのマウントが制限されているファイルシステムをマウントできるようにするために使えます。しかし、もっと重要な事は、FUSE ドライバーへのマウント呼び出しの透過的なリダイレクションを可能にすることです。

新しい設定オプションは次の通りです:

• security.syscalls.intercept.mount (機能の有効・無効を設定 )
• security.syscalls.intercept.mount.allowed (マウントを許可するファイルシステムのリスト )
• security.syscalls.intercept.mount.fuse (FUSE へのリダイレクトをするファイルシステムリスト )
• security.syscalls.intercept.mount.shift (ShiftFS レイヤーの設定を自動的に行うかどうか )

完全に信頼していないコンテナに対して allowed パーミッションを決して与えないでください。この設定は、カーネルのスーパーブロックパーサーにコンテナを直接公開します。カーネルを攻撃したり、ホストをクラッシュさせたり、コンテナから脱出したりすることに使えます。

次の例は、ext4 を許可する例と、より安全な代替手段として FUSE を使う場合の例です:

root@vm02:~# lxc launch ubuntu:18.04 c1
Creating c1
Starting c1

root@vm02:~# mkfs.ext4 /dev/sdb
mke2fs 1.44.1 (24-Mar-2018)
Discarding device blocks: done                            
Creating filesystem with 2621440 4k blocks and 655360 inodes
Filesystem UUID: 134bc6d4-e7d3-4db1-a3aa-a398c1acff85
Superblock backups stored on blocks: 
    32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632

Allocating group tables: done                            
Writing inode tables: done                            
Creating journal (16384 blocks): done
Writing superblocks and filesystem accounting information: done

root@vm02:~# lxc config device add c1 sdb unix-block path=/dev/sdb
Device sdb added to c1

root@vm02:~# lxc exec c1 -- mount /dev/sdb /mnt
mount: /mnt: permission denied.

root@vm02:~# lxc config set c1 security.syscalls.intercept.mount true
root@vm02:~# lxc config set c1 security.syscalls.intercept.mount.shift true
root@vm02:~# lxc config set c1 security.syscalls.intercept.mount.allowed ext4
root@vm02:~# lxc restart c1

root@vm02:~# lxc exec c1 -- mount /dev/sdb /mnt
root@vm02:~# lxc exec c1 -- ls -lh /mnt
total 16K
drwx------ 2 root root 16K Jan 17 01:56 lost+found

root@vm02:~# lxc exec c1 -- apt-get install -y fuse2fs
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following package was automatically installed and is no longer required:
  libfreetype6
Use 'apt autoremove' to remove it.
The following NEW packages will be installed:
  fuse2fs
0 upgraded, 1 newly installed, 0 to remove and 4 not upgraded.
Need to get 28.8 kB of archives.
After this operation, 143 kB of additional disk space will be used.
Get:1 http://archive.ubuntu.com/ubuntu bionic-updates/universe amd64 fuse2fs amd64     1.44.1-1ubuntu1.2 [28.8 kB]
Fetched 28.8 kB in 0s (117 kB/s)
Selecting previously unselected package fuse2fs.
(Reading database ... 28654 files and directories currently installed.)
Preparing to unpack .../fuse2fs_1.44.1-1ubuntu1.2_amd64.deb ...
Unpacking fuse2fs (1.44.1-1ubuntu1.2) ...
Setting up fuse2fs (1.44.1-1ubuntu1.2) ...
Processing triggers for man-db (2.8.3-2ubuntu0.1) ...

root@vm02:~# lxc config unset c1 security.syscalls.intercept.mount.allowed
root@vm02:~# lxc config set c1 security.syscalls.intercept.mount.fuse ext4=/usr/sbin/fuse2fs
root@vm02:~# lxc restart c1

root@vm02:~# lxc exec c1 -- mount /dev/sdb /mnt
root@vm02:~# lxc exec c1 -- ls -lh /mnt
total 128K
drwx------ 2 root root 16K Jan 17 01:56 lost+found
root@vm02:~# lxc exec c1 -- ps aux | grep fuse
root       304  0.0  0.0 170172   788 ?        Ssl  02:00   0:00 /usr/sbin/fuse2fs /dev/sdb /mnt -o dev,suid
root@vm02:~#

リソース API の追加 ¶

リソース API のディスクエントリーに、新たにふたつのフィールドが追加されました。

• FirmwareVersion はネットワークカードのファームウェアリビジョンを公開します
• DeviceID は /dev/disk/by-id 以下での検索に適したデバイスの識別子を示します

NVME ドライブの例は次のようになります:

stgraber@castiana:~$ lxc query /1.0/resources | jq .storage.disks[0]
{
  "block_size": 512,
  "device": "259:0",
  "device_id": "nvme-eui.0000000001000000e4d25cafae2e4c00",
  "device_path": "pci-0000:05:00.0-nvme-1",
  "firmware_version": "PSF121C",
  "id": "nvme0n1",
  "model": "INTEL SSDPEKKW256G7",
  "numa_node": 0,
  "partitions": [
    {
      "device": "259:1",
      "id": "nvme0n1p1",
      "partition": 1,
      "read_only": false,
      "size": 52428800
    },
    {
      "device": "259:2",
      "id": "nvme0n1p2",
      "partition": 2,
      "read_only": false,
      "size": 1073741824
    },
    {
      "device": "259:3",
      "id": "nvme0n1p3",
      "partition": 3,
      "read_only": false,
      "size": 254933278208
    }
  ],
  "read_only": false,
  "removable": false,
  "rpm": 0,
  "serial": "BTPY63440ARH256D",
  "size": 256060514304,
  "type": "nvme",
  "wwn": "eui.0000000001000000e4d25cafae2e4c00"
}

マルチアーキテクチャークラスタリング ¶

クラスターメンバーに異なるアーキテクチャのメンバーを混在させることができるようになりました。 LXD はイメージのアーキテクチャーに基づいた正しいシステム上にコンテナを配置します。

極端な例として、3 つの異なる Intel 以外のアーキテクチャーで作られるクラスタを示します:

root@cluster:~# lxc cluster list
+---------------+----------------------------+----------+--------+-------------------+--------------+
|     NAME      |            URL             | DATABASE | STATE  |      MESSAGE      | ARCHITECTURE |
+---------------+----------------------------+----------+--------+-------------------+--------------+
| bos01-arm64   | https://240.0.200.92:8443  | YES      | ONLINE | fully operational | aarch64      |
+---------------+----------------------------+----------+--------+-------------------+--------------+
| bos01-ppc64el | https://240.0.202.246:8443 | YES      | ONLINE | fully operational | ppc64le      |
+---------------+----------------------------+----------+--------+-------------------+--------------+
| bos01-s390x   | https://240.0.203.11:8443  | YES      | ONLINE | fully operational | s390x        |
+---------------+----------------------------+----------+--------+-------------------+--------------+
| bos02-arm64   | https://240.0.204.139:8443 | NO       | ONLINE | fully operational | aarch64      |
+---------------+----------------------------+----------+--------+-------------------+--------------+
| bos02-ppc64el | https://240.0.206.145:8443 | NO       | ONLINE | fully operational | ppc64le      |
+---------------+----------------------------+----------+--------+-------------------+--------------+
| bos02-s390x   | https://240.0.207.35:8443  | NO       | ONLINE | fully operational | s390x        |
+---------------+----------------------------+----------+--------+-------------------+--------------+

クラスターセットアップロジックの改良 ¶

このリリース以降、LXD クラスターを構築する場合、クラスターの一部である最初の 3 つのサーバーはデータベースノードとして機能し、データベースの完全なコピーを受信し、データベーストランザクションの投票を始めます。

この動作により、2 サーバーからなるクラスターがデータベースメンバーの数が偶数であっても安全に動作し、適切なクオラムを防ぎ、どちらかのサーバーがオフラインになっても全データーベースが効率的に停止すると考えられるようになりました。

新しい動作では、3 つめのサーバーが加わるまでは単一のデータベースで動作し続け、3 つめのサーバーが参加した時点で、3 つのサーバすべてがデータベースサーバーとなります。

LXD 3.20 ではスタンバイデータベースノードの導入で、クラスター自身をオフラインにすることなしに複数のデータベースノードをオフラインにできるようになり、この点がさらに改善されます。

未管理ブリッジの MAC フィルタリング ¶

security.mac_filtering が、LXD が管理していないネットワークブリッジに接続された nic デバイスで使えるようになりました。

設定可能な Ceph データプール名 ¶

データとメタデータ用に別々の OSD プールが必要な場合、データを保存する場所をコントロールできる ceph.osd.data_pool_name が新たに追加されました。メタデータは ceph.osd.pool_name で参照するプールに保存されます。

LVM ストライピングサポート ¶

LVM ストライピングがサポートされるようになりました。volume.lvm.stripes と volume.lvm.stripes.size で設定できます。

cgroup2 リソース制限の初期サポート ¶

新しい cgroup 抽象レイヤーが LXD に追加され、v2 リソースコントローラーの初期マッピングも追加されました。これに最近の liblxc の改良を組み合わせて、ほとんどのリソース制限が cgroup v2 環境で機能するようになりました。

作成時のバックアップ圧縮の設定 ¶

backups.compression_algorithm を設定することで、バックアップで使う圧縮アルゴリズムが設定できます。これはすべての新しいバックアップに適用されるグローバルな設定です。

インスタンスの publish コマンド（lxc publish）で、バックアップの作成時に圧縮アルゴリズムを上書きできるようになりました。これは lxc export --compression-algorithm で公開されます。

squashfs を使った圧縮されたバックアップとイメージのサポート ¶

圧縮アルゴリズムとして、イメージとバックアップの両方で squashfs を選択できるようになりました。 これ以前は、LXD は squashfs で圧縮されたイメージを使うことはできましたが、LXD 自身で squashfs イメージを作成できませんでした。

完全な changelog （翻訳なし）¶

Here is a complete list of all changes in this release:

• lxd/cgroup: Adds cgroup package with CPU task balancing functions
• lxd: Updates to use cgroup package
• lxd: Changes instance and containerLXC function Id() to ID()
• lxd: Updates error handling of MakeFSType after stderr split of RunCommand
• api: Add resources_network_firmware extension
• shared/api: Add FirmwareVersion to ResourcesNetworkCard
• lxd/resources/network: Add FirmwareVersion retrieval
• lxd/container: Adds instanceLoad function
• lxd: Replaces use of containerLXCLoad with instanceLoad
• lxc: Changes lxc list and lxc info Type field to show instance type
• i18n: Update translation templates
• lxc/{list,info}: Fix type on older LXD
• lxd/device/disk: Apply limits through post hook
• lxd/main_migratedumpsuccess: Use fast connection
• lxd/main_sql: Use fast connection
• lxd/daemon: Allow internal queries during startup
• test: Adds host-side MTU veth checks
• lxd/device/disk: Improvements in disk limits
• lxd: Fix backup expiry
• lxd: Fix backup expiry check
• api: Add backup_compression_algorithm API extension
• shared/api: Add CompressionAlgorithm to InstanceBackupsPost
• lxc/export: Add --compression option
• i18n: Update translation templates
• lxd/backups: Add support for CompressionAlgorithm
• lxd: Fix container restore with projects in Ceph
• test: Add container restore with projects
• lxd/daemon: Adds daemon package
• lxd: Updates use of debug and verbose vars in daemon pkg
• lxd/rsync: Moves rsync functions to own package
• lxd: Updates usage of moved rsync functions
• doc: Add ceph.osd.data_pool_name
• storage/ceph: Implement --data-pool argument
• scripts: Add ceph.osd.data_pool_name to bash completion
• api: Add ceph_data_pool_name extension
• doc: Add commit structure to contributing.md
• lxd/cluster: Process upgrade notifications on all members
• lxd/cluster: Relax upgrade notification target
• lxd/db: Export GetNodeID
• lxd/daemon: Skip heartbeat processing during startup
• lxd/db: Backward compat code for Nodes()
• lxd/daemon: Set gateway.Cluster during WaitUpgradeNotification
• lxd/storage/ceph: Fix to work on older releases
• lxd: Move backup to separate package
• test: Add backup package to static analysis
• test: Add project testing to backup
• lxd/device/nic: Pass --concurrent to ebtables
• tests: Update ebtables calls
• fix debugging.md rendering
• lxd/sys: Enforce directory permissions
• lxd/daemon: Bump NOFILE to max on startup
• lxd/list: Modify parseColumns to allow for the config:KEY:NAME:WIDTH syntax
• lxd/list: Modify TestColumns to allow for the config:KEY:NAME:WIDTH syntax
• lxd/cluster: Tweak joining error messages
• lxd/cluster: Fix already-clustered test
• lxd/list: Add support for devices:KEY:NAME:WIDTH to parseColumns
• lxd/list: Add tests to check support for devices:KEY:NAME:WIDTH and config:KEY:NAME:WIDTH in parseColumns
• lxd/list: Add description in command help section about devices:KEY:NAME:WIDTH and config:KEY:NAME:WIDTH support
• i18n: Update translation templates
• lxc/storage/volume: Fix panic when invalid snapshot rename argument supplied
• shared/util: Removes ExtractSnapshotName
• lxd: Changes use of ExtractSnapshotName to ContainerGetParentAndSnapshotName
• lxd/storage/volumes: Removes unused snapshot logic from storagePoolVolumeTypePost
• seccomp: test for syscall continuation support
• seccomp: implement syscall continuation for mknod(), mknodat(), and setxattr()
• unixfd: split into unixfd.{c,h}
• unixfd: hide symbols
• Makefile: Switch to tsenart/deadcode
• lxd/include: Don't include missing file
• Revert "unixfd: hide symbols"
• tree-wide: handle _GNU_SOURCE ifdefs correctly
• Makefile: add "nocache" target
• tree-wide: rework cgo compilation
• Add step to trigger reread on loopback device when resizing BTRFS storage pool.
• lxd/db/storage/pools: StoragePoolVolumeSnapshotsGetType returns StorageVolumeArgs slice
• lxd/db/storage/pools: Makes StoragePoolVolumeSnapshotsGetType return in volume ID order
• lxd: Updates use of StoragePoolVolumeSnapshotsGetType return type change
• seccomp: log syscall arguments
• package: lxd: add cgo.go
• package: lxd-p2c: add cgo.go
• package: seccomp: add cgo.go
• package: quota: add cgo.go
• package: storage: add cgo.go
• package: ucred: add cgo.go
• package: idmap: add cgo.go
• package: netutils: add cgo.go
• package: termios: add cgo.go
• package: shared: add cgo.go
• lxd: add cgo hardening flags and fix minor bugs found by them
• lxd/storage/utils: Add common helpers to utils
• lxd/storage/volumes/config: Removes functions moved to storage package
• lxd: Updates use of funcs/vars moved to storage pkg
• lxd/storage/drivers/utils: Add common functions
• lxd/storage/drivers/utils: Adds GetVolumeMountPoint and GetPoolMountPoint functions
• lxd/storage/drivers/utils: Adds DeleteParentSnapshotDirIfEmpty
• lxd/storage/drivers/utils: Add GetVolumeSnapshotDir
• lxd/storage/drivers/volume: Adds VolumeType and ContentType definitions
• lxd/storage/storage: Deprecates pool path function
• lxd/storage/drivers/errors: Adds storage drivers errors
• lxd/storage/errors: Adds shared errors for storage
• lxd/db/storage/pools: Improves comments on StoragePoolVolumeSnapshotsGetType
• tests: Fixes zfs snapshot restore bug in tests
• lxd/migration/migration/volumes: Adds migration volume arg types
• lxd/storage: Removes progress wrapper functions
• lxd: Update use of migration progress functions
• seccomp: protect against syscall supervision override
• client/lxd/storage/volumes: Fixes bug where migration errors were ignored
• lxc/storage/volume: Adds volume snapshot rename check for same parent volume
• lxd/storage/quota: Fix bad typing
• lxd/containers: Return disk usage when stopped
• lxd/storage/utils: Removes default empty "size" property for dir volumes
• lxd/storage/utils: Makes dir driver allowed to translate the size property
• tree-wide: cgo: add -Wunused and fix errors detected by this option
• tree-wide: cgo: mark some global variables ro
• lxc/config: Handle config/profile in examples
• i18n: Update translation templates
• forksyscall: add acquire_final_creds()
• seccomp: implement mount syscall interception
• api: add container_syscall_intercept_mount extension
• doc: add security.syscalls.intercept.mount
• scripts: add security.syscalls.intercept.mount to bash completion
• client: Ignore unresolvable addresses
• lxd/include: Fix definition of SECCOMP_USER_NOTIF_FLAG_CONTINUE
• api: Add compression_squashfs extension
• lxd/cluster: Validate squashfs-tools-ng executables
• lxd: Modify compressFile() to support SquashFS
• lxd/networks: Nicer error on misisng IPv6
• global: Drop -Wcast-align (breaks armhf)
• lxd: Support SquashFS compressed backup imports
• lxd: Add SquashFS compressed image publish/export support
• lxd/device/nic/bridged: Allow MAC filtering on unmanaged bridges
• test: Adds test for using security.mac_filtering with unmanaged parent
• doc: fix link to security.md from README.md
• doc: use HTTPS links for criu and #lxcontainers (they have STS preload)
• lxd/rsync: Switch to using io.ReadWriteCloser
• shared: Implement a WebsocketIO ReadWriteCloser abstraction
• lxd/migration: Introduce ProgressTracker
• lxd/migration: Switch over to ReadWriteCloser for rsync
• lxd/devlxd: Fixes event socket close on client disconnect during wait
• lxd/events/events: Adds context to event listener Wait() function
• lxd/events: Fixes event socket close on client disconnect during wait
• lxd/migrate: Close control web socket on disconnect()
• lxd/migrate/storage/volunes: Always close web socket after migration
• lxd/storage: Adds interfaces
• lxd/storage/load: Adds storage pool loader functions
• lxd/storage/drivers/driver: Adds storage driver load functions
• lxd/storage/backend/lxd: Adds lxd backend implementation
• lxd/storage/backend/mock: Adds mock backend implementation
• lxd/storage/drivers/driver/common: Adds common driver
• lxd/storage/drivers/driver/dir: Add dir backend
• lxd/storage/volumes: Links doVolumeCreateOrCopy to use storage pkg
• test/suites/static/analysis: Updates to recurse storage package
• lxd/storage/volumes: Links volume delete function to use new storage pkg
• lxd/storage/utils: Adds VolumeTypeToDBType function
• lxd/storage/utils: Modifies VolumeValidateConfig to hook into new storage API
• lxd/storage/utils: Deprecates SupportedPoolTypes
• lxd/storage/drivers/volume: Adds Volume struct type
• lxd/storage/volumes: Re-works storagePoolVolumeTypePost into sub-actions
• lxd/storage/volumes/snapshot: Renames driver import to storagePools
• lxd/storage/volumes/snapshot: Links rename snapshot volume to new storage pkg
• lxd/storage/volumes/snapshot: Links snapshot delete to new storage pkg
• lxd/storage/volumes/snapshot: Links create custom snapshot to new storage pkg
• lxd/storage/volumes: Moves DB lookup into migration function
• lxd/migrate/storage/volumes: Links volume migrate functions to new storage pkg
• lxd/storage/volumes: Linking volume move to new storage pkg
• lxd/storage/volumes: Adds existing volume checks to storagePoolVolumeTypePost and storagePoolVolumesTypePost
• lxd/storage/drivers/utils: Adds GetSnapshotVolumeName function
• lxd/storage/drivers/utils: Renames GetVolumeMountPath and GetPoolMountPath
• lxd/storage: Updates deprecation notice
• lxd/storage/drivers/utils/test: Updates tests
• lxd/storage/utils: Adds validateVolumeCommonRules
• lxd/migration/migration/volumes: Updates MatchTypes to log offered and our types on mismatch
• lxd/storage/memorypipe: Adds in-memory bidirectional pipe
• lxd/migrate/storage/volumes: Updates use of migrate TrackProgress args
• lxd/storage/backend/lxd: Updates CreateCustomVolumeFromCopy to use migration logic
• lxd/storage/drivers/driver/common: Improves comment
• lxd/migration/migration/volumes: Adds TrackProgress bool to MigrationSourceArgs and MigrationTargetArgs
• lxd/storage/drivers/driver/dir: Updates migration functions to use TrackProgress bool
• lxd/containers: Push MAAS entry after dev creation
• lxd/storage/drivers/interface: Modifies ValidateVolume definition
• lxd/storage/utils: Updates ValidateVolume usage
• lxd/storage/backend/lxd: Updates use of validate function
• lxd/storage/drivers/driver/common: Updates validate function
• lxd/storage/drivers/driver/dir: Updates validation function
• forksyscall: remove left-over advance_arg() call
• lxd/migration/migration/volumes: Updates MatchTypes to accept fallback type
• lxd/migration/storage/volumes: Updates MatchTypes usage
• lxd/storage/backend/lxd: Updates MatchTypes usage
• lxc/storage/volumes: Links storagePoolVolumeTypePatch to new storage pkg
• lxd/storage/volumes/utils: Links storagePoolVolumeUsedByRunningContainersWithProfilesGet to storage pkg
• lxd/storage/utils: Adds VolumeUsedByInstancesWithProfiles
• lxd/storage/volumes: Links storagePoolVolumeTypePut to storage pkg
• lxd/storage/drivers/interface: Updates function definitions
• lxd/storage/backend: UpdateCustomVolume and RestoreCustomVolume
• lxd/storage/drivers/driver/dir: Adds UpdateVolume function
• lxd/storage/volumes: Consistent casing on error messages
• lxd/storage/utils: Consistent casing on error messages
• lxd/storage/interfaces: Adds RestoreCustomVolume
• lxd/storage/drivers/interface: Adds RestoreVolume
• lxd/storage/drivers/driver/dir: Implements RestoreVolume
• lxd/storage/backend/mock: Adds RestoreCustomVolume
• lxd/storage/volumes: Makes storagePoolVolumeTypePut logic consistent with storagePoolVolumeSnapshotTypePut
• lxd/storage/volumes/snapshot: Moves storagePoolVolumeSnapshotTypePut DB logic
• lxd/storage/volumes/utils: Removes unused storagePoolVolumeSnapshotUpdate
• lxd/storage: Use correct operation type
• lxd/storage/backend/lxd: Adds basic debug logging
• lxd/storage/backend/mock: Adds logger support
• lxd/storage/load: Initialises logger
• lxd/storage/drivers/driver/common: Adds driver logger with pool context
• lxd/storage/drivers/interface: Updates with pool context logger
• lxd/storage/utils: Updates VolumeValidateConfig to use update driver loader
• lxd/storage/load: Updates loaders to support contextual loggers
• lxd/storage/drivers/load: Updates loaders to support contextual loggers
• container/lxc: Hooks up root device usage to new storage package
• lxd/storage/backend/lxd: Updates name of instance arg to inst from i
• lxd/storage/backend/lxd: Implements GetInstanceUsage
• lxd/storage/backend/mock: Changes GetInstanceUsage signature
• lxd/storage/drivers/driver/dir: Implements GetVolumeUsage
• lxd/storage/drivers/interface: Adds GetVolumeUsage
• lxd/storage/interfaces: Changes GetInstanceUsage signature
• lxd/images: Links imageCreateInPool to new storage package
• lxd/storage/backend/lxd: Implements CreateImage
• lxd/storage/backend/mock: Updates CreateImage definition
• lxd/storage/interfaces: Updates CreateImage definition
• lxd/resources/storage: Improve cdrom handling
• Bring Go current in Travis
• lxd/storage/drivers/driver/dir: Adds warnings of ext4 project quota not supported
• lxd/storage/load: Adds GetPoolByInstanceName
• lxd/container: Links containerCreateFromImage to new storage layer
• lxd/containers/post: Moves progress tracker into containerCreateFromImage
• lxd/images: Removes old unpackImage
• lxd/storage/backend/lxd: Implements CreateInstanceFromImage
• lxd/storage/drivers/driver/dir: Switches to using volume.CreateMounthPath()
• lxd/storage/drivers/volume: Adds CreateMountPath
• lxd/storage/load: Improves getVolID error when volume not found
• lxd/storage/utils: Adds InstanceTypeToVolumeType
• lxd/storage/utils: Adds ImageUnpack
• test/suites/basic: Updates tests to take into account more secure volume perms
• lxd: Updates use of driver.ImageUnpack
• lxd/storage/load: Makes volIDFuncMake project aware
• lxd/storage/drivers/driver/dir: Ensures old snapshor dir removed in RenameVolume
• lxd/storage/drivers: Expose BlockBacking property
• lxd/storage: Pass BlockBacking to ImageUnpack
• lxd/storage: Change default container permissions to 0100
• lxd/storage: Implement CreateImage
• lxd/storage/dir: Don't fail/complain about missing quotas
• lxd/devices/nic: Handle recent ebtables
• lxd/rsync: Tweaks Recv's internal synchronisation to avoid race
• lxd: Minor changes
• lxd/storage: Fix custom volume with underscores
• lxd/images: Updates imageCreateInPool to use EnsureImage
• lxd/storage/backend/lxd: Updates EnsureImage usage and adds more comments
• lxd/storage/backend/mock: Updates with EnsureImage
• lxd/storage/interfaces: Renames CreateImage to EnsureImage
• lxd/storage/load: Adds comments
• lxd/cluster: add Recover() and ListDatabaseNodes() utilities
• lxd/storage/drivers: Add mountReadOnly helper
• lxd/storage/dir: Make snapshot mounts read-only
• lxd/storage/dir: Only log project quota failures when relevant
• lxd/container/lxc: Links container Delete() to new storage package
• lxd/container/lxc: Improves error logging in diskState
• lxd/storage/backend/lxd: Removes duplicated code from DeleteCustomVolume
• lxd/storage/backend/lxd: Adds symlink management functions
• lxd/storage/backend/lxd: Adds Instance and Instance Snapshot delete functions
• lxd/storage/drivers/driver/dir: Reinstates DeleteParentSnapshotDirIfEmpty for volume and snapshot deletion
• lxd/storage/drivers/utils: Updates DeleteParentSnapshotDirIfEmpty to also remove symlink
• lxd/storage/interfaces: Adds IsSnapshot to Instance interface
• lxd/storage/dir: Don't write to snapshots
• lxd/container: Fix apply_quota
• lxd/storage/lvm: Fix version parsing
• lxd/storage/drivers/driver/dir: Comment grammar consistency
• lxd/storage/load: Renames GetPoolByInstanceName to GetPoolByInstance
• lxd/container: Updates use of storagePools.GetPoolByInstance and fallback for container types
• lxd/storage/drivers/errors: Removes unused error
• lxc/init: Properly handle errors with --empty
• lxd/container: Links containerCreateAsEmpty to new storage package
• lxd/container: Adds revert to containerCreateFromImage
• lxd/container: containerCreateFromImage comment
• lxd/storage/drivers/utils: Makes GetVolumeSnapshotDir work with either snapshot or parent vol name
• lxd/storage/drivers/utils: Removes symlink removal from DeleteParentSnapshotDirIfEmpty
• lxd/storage/backend/lxd: CreateInstance
• lxd/storage/backend/lxd: Updates instance snapshot symlink removal
• lxd/storage/backend/lxd: Updates instance snapshot symlink management functions
• lxd/container/lxc: Removes TemplateApply() and adds DeferTemplateApply()
• lxd/containers/post: DeferTemplateApply usage
• lxd/instance/interface: DeferTemplateApply usage
• lxd/storage/interfaces: DeferTemplateApply signature
• lxd/storage: DeferTemplateApply usage
• lxd/storage/interfaces: Updates instance mount function definitions
• lxd/storage/backend/mock: Updates instance mount function definitions
• lxd/storage/backend/lxd: Implements instance mount and unmount functions
• lxd/operations: Fix remote Wait
• lxc/query: Fix handling of ?project=
• lxd/storage/backend/lxd: Instance function comment consistency
• lxd/device/device/utils/disk: Changes signature of StorageRootFSApplyQuota
• lxd/device/disk: Updates applyQuota to use error from storage package
• lxd/storage: Links storageRootFSApplyQuota to new storage package
• lxd/storage/backend/lxd: SetInstanceQuota
• lxd/storage/backend/mock: SetInstanceQuota
• lxd/storage/drivers/dir: Adds SetVolumeQuota and RunningQuotaResize info flag
• lxd/storage/drivers/interface: SetVolumeQuota signature
• lxd/storage/drivers/load: Adds RunningQuotaResize to driver Info struct
• lxd/storage/errors: Adds ErrRunningQuotaResizeNotSupported error
• lxd/storage/interfaces: SetInstanceQuota signature
• lxd/container: Links containerConfigureInternal to new storage package
• lxd/db: Cover all combinations of instance filters
• lxd/db: Re-generate DB code
• lxd/storage/drivers: Add locking
• lxd/storage/drivers: Add cephfs
• lxd/storage/drivers: Make locks per-pool
• lxd/storage/cephfs: Fill remaining Info fields
• lxd/storage/cephfs: Use SetVolumeQuota in UpdateVolume
• lxd/storage/cephfs: Don't run RemoveAll on snapshots
• lxd/container/lxc: Links Rename to new storage package
• lxd/storage/backend/lxd: Reworks symlink functions
• lxd/storage/cephfs: Simplify rename logic
• lxd/storage/cephfs: Comment consistency
• lxd/storage/backend/lxd: RenameInstance
• lxd/storage/interfaces: Removes unused Path function in Instance interface
• lxc/move: Fixes instance snapshot rename validation and crash
• lxd/storage/backend/lxd: RenameInstanceSnapshot
• lxd/storage/cephfs: Implement GetVolumeUsage
• lxd/storage/dir: Properly revert snapshots
• lxd/storage/cephfs: Fix SetVolumeQuota
• lxd/storage/cephfs: Fix ordering in Copy/Migration
• Move renderTable to utils.RenderTable()
• Add new "lxd cluster" sub-command
• Add clustering_recover integration test
• clustering.md: add documentation about disaster recovery
• lxd/storage/dir: Add check for bad source path
• lxd/storage: Add localOnly handling of create/delete
• lxd/operations: Support nil state
• lxd/storage: Switch Create to new logic
• lxd/storage/utils: Only create needed directories
• lxd/storage/cephfs: Fix bad config keys
• lxd/storage: Switch Delete to new logic
• lxd/storage: Switch Mount to new logic
• lxd/storage/cephfs: Don't fail if already mounted
• lxd/api/internal: Updates use of renamed functions
• lxd/container: Updates return values of instance create and load functions
• lxc/container: Renames containerCreateFromImage to instanceCreateFromImage
• lxd/container: Renames containerCreateInternal to instanceCreateInternal
• lxd/container/lxc: Updates use of renamed c.state.Cluster.InstanceRemove
• lxd/containers/post: Adds VM support to createFromImage
• lxd/db/containers: Renames ContainerRemove to InstanceRemove
• lxd/container: Renames containerCreateAsEmpty to containerCreateAsEmpty
• lxd/containers/post: Updates use of instanceCreateAsEmpty
• lxd/storage/backend/lxd: Pass correct content type to storage drivers for VMs
• lxd/storage/drivers/utils: Unexports deleteParentSnapshotDirIfEmpty
• lxd/storage/drivers/driver/dir: Updates use of deleteParentSnapshotDirIfEmpty
• lxd/container/lxc: Updating DB usage to be instance type agnostic
• lxd/container/post: Updates usage of InstancePool
• lxd/container/test: Updates instanceCreateInternal usage
• lxd/api/internal: InstancePath usage
• lxd/container/lxc: InstancePath usage
• lxd/storage/backend/lxd: InstancePath usage
• lxd/storage/storage: Renames ContainerPath to InstancePath
• lxd/storage/dir: InstancePath usage
• lxd/storage/zfs: InstancePath usage
• lxd/container/test: InstancePath usage
• lxd/db/storage/pools: Adds VM instance type constant and conversion codes
• lxd/db/containers: Updates pool lookup functions to be instance type agnostic
• lxd/storage/load: InstancePool usage
• lxd/db/containers/test: InstancePool usage
• lxd/storage: InstancePool usage
• lxd/storage/dir: Don't apply quotas on snapshots
• lxd/device/nic: Fix race in vlan creation
• lxd/device/nic: Fix handling of shared vlans
• lxd/storage/cephfs: Store version globally
• lxd/storage/drivers: Drop Usable field
• lxd/storage/drivers: Implement load function
• lxd/storage/cephfs: Implement load
• lxc/init: Adds vm flag to init command
• lxc/copy: copyContainer tweaks
• lxd/container: Adds support for VM creation to instanceCreateInternal
• lxd/container: Adds VM support to instanceLoad
• lxd/storage/drivers/utils: Adds createSparseFile
• lxd/storage/backend/lxd: Signature and comment tweaks for filler function
• lxd/storage/drivers/driver/cephfs: filler usage update
• lxd/storage/drivers/driver/dir: Adds VM support to CreateVolume
• lxd/storage/drivers/driver/dir: Adds content type checking to some functions
• lxd/storage/drivers/interface: CreateVolume signature update for filler change
• lxd/storage/utils: Adds VM type conversion
• lxd/storage/utils: Updates ImageUnpack to support VM images
• lxd/storage: Updates ImageUnpack usage
• lxd/sys/fs: Adds VM dirs
• lxd/containers: Renames containerDeleteSnapshots to instanceDeleteSnapshots
• lxd/container/lxc: instanceDeleteSnapshots usage
• lxd/device/device/utils/network: Adds networkCreateTap
• lxd/device/nic/bridged: Adds initial support for VM
• lxd/device/disk: Initial VM support
• lxd/storage/backend/lxd: GetInstanceDisk implementation
• lxd/storage/drivers/driver/ceph: GetVolumeDiskPath placeholder
• lxd/storage/drivers/driver/dir: GetVolumeDiskPath implementation
• lxd/storage/drivers/interface: Adds GetVolumeDiskPath
• lxd/container/console: Improves resilience of console checking
• shared/container: Adds support for vm.uuid volatile key
• lxd/container: progress meta data
• lxd/containers/post: createFromImage instances created field
• lxd/storage/backend/lxd: CreateInstanceFromCopy qcow2 comment
• i18n: Update translation templates
• lxd/containers/post: createFromNone VM support
• lxd: Move IsJSONRequest to util package
• client: Add vsock support
• client: Add ConnectLXDHTTP function
• lxd/vsock: Add vsock HTTP client
• lxd-agent: Add basic structure
• lxd-agent: Add state command
• lxd-agent: Add operations command
• lxd-agent: Add exec command
• lxd-agent: Add file command
• shared/idmap: Fix build tags
• lxd/util: Restrict sys.go to LXD itself
• lxd/sys: Restrict to LXD itself
• lxd/state: Use empty struct when not LXD
• lxd/response: Split SmartError into LXD/non-LXD
• lxd/operations: Disconnect from DB on non-LXD
• lxd/endpoints: Allow building on non-Linux
• lxd/db: Allow external use without dqlite
• Fix golint warnings
• lxd/container: Improves create from imate type mismatch error
• lxd/container/console: Makes console logic instance type agnostic
• lxd/container/lxc: Updates Console to return an os.File
• lxd/instance/interface: Updates Console signature
• lxd/db/images: Fixes bug in ImageSourceGetCachedFingerprint not applying image type filter
• shared/cert: Useful comment about cert type on FindOrGenCert
• lxd/vm/qemu: Initial implementation of VM Qemu instance type
• client/connection: Simplifies ConnectLXDHTTP
• lxd/vm/qemu: Adds agent connection setup
• lxd/vsock: Simplifies HTTPClient
• lxd/vm/qemu: Implement FilePush for VMs
• lxd/vm/qemu: Implement FilePull for VMs
• lxc/storage: Add support for virtual-machine volumes
• lxd/storage: Add support for virtual-machine volumes
• lxd/vm: Set WorkingDirectory in unit
• lxd/vm: Fix TLS authentication to agent
• lxd-agent: Fix golint
• lxd-agent: Remove dead code
• lxd-agent: Function name consistency
• lxd-agent: Avoid global variables
• lxd-agent: Load certs from current dir
• Makefile: Have default build static lxd-p2c
• Makefile: Add lxd-agent
• lxd-agent: Port to cobra
• lxd-agent: Re-order imports
• lxd/vsock: Switch to single implementation
• api: Add extention for passing in raw mount options
• doc/container: added raw_mount_options to disk options
• lxd/device add support for raw_mount_options for disk device mounts
• tests: Add test for raw.mount.options for disk device mounts
• lxc/image: Truncate image files down to size
• lxd/images: Truncate image files down to size
• client: Add Disconnect function
• lxd/vm: Fix UEFI secure boot
• lxd/vm: Use filepath rather than manual joining
• lxd/device/nic/ipvlan: removes unused optional "host_name" config field.
• lxd/device/nic/routed: Adds veth routed NIC device
• shared/version/api: Adds container_nic_routed API extension
• doc/containers: Adds routed nic type docs
• test: Adds routed nic tests
• seccomp: implement redirection to fuse
• api: add container_syscall_intercept_mount_fuse extension
• doc: add security.syscalls.intercept.mount.fuse
• scripts: add security.syscalls.intercept.mount.fuse
• lxd/vm: Cleanup config layout
• lxd/vm: Add an identifying serial device
• lxd/vm/qemu: Adds missing secure boot EFI firmware error
• seccomp: only apply shift when it is needed
• shared/simplestreams: Support disk-kvm.img
• shared/cert: Make adding of ip/names optional
• lxc/config: Update to changed cert functions
• lxd/util: Update to changed cert functions
• lxd/vm: Update to changed cert functions
• lxd-agent: Update to changed cert functions
• lxd-p2c: Update to changed cert functions
• lxc-to-lxd: Update to changed cert functions
• seccomp: test flag parsing and log ignored flags
• shared: Update to changed cert functions
• seccomp: attach to pid namespace when mounting through fuse
• lxd-agent: Generate the cloud-init configuration
• lxd/vm: Use 9p for agent drive
• lxd/storage: Only use raw images
• lxd/storage/drivers: Don't return disk type
• lxd/storage: Don't return disk type
• lxd: Use raw disk images only
• lxd/vm: Add install script in 9p
• lxd/device/disk: Adds support for generating VM config drive
• lxd/device/nic/bridged: Adds hwaddr to runConf when instance type is VM
• lxd/vm/qemu: Modifies qemu config generation to support dynamic devices
• lxd/container: Renames containerValidDevices to instanceValidDevices
• lxd/device/device/instance: Adds Path() to Instance interface
• lxd/device/disk: Adds support for generating VM cloud-init config drive
• lxd: Updates instanceValidDevices usage
• lxd: Fixes bug in fillNetworkDevice volatile hwaddr generation
• lxd/vm/qemu: Fix root disk path in device
• lxd/vm/qemu: Only connect to VM agent to get state if VM is running
• lxd/vm/qemu: Comment about generateConfigShare meta-data generation
• lxd/device/unix/common: Device naming functions usage
• lxd/device/device/utils/generic: Adds generic device naming functions
• lxd/device/gpu: Device naming functions usage
• lxd/device/disk: Uses generic device name path functions
• lxd/device/device/utils/unix: Device naming functions usage
• lxd/device/device/utils/unix: Removes unused device naming functions
• lxd/include: Fix SECCOMP_GET_ACTION_AVAIL define
• lxd/vm: Update systemd units
• lxd: Cleanup storage volumes properly for VMs
• lxd/instances: Add /1.0/virtual-machines
• lxd/storage: Fix GetVolumeSnapshotDir return value
• lxd/vm: Implement Exec for VMs
• lxd-agent: Proper logger
• lxd/container/exec: Don't require cmd to be returned from inst.Exec()
• lxd-agent/exec: Add buffered channel to prevent deadlock on cmd exit
• client/lxd: log websocket URL
• client/lxd/events: Fixes /events connect bug
• lxd-agent/exec: Fixes go routine leak
• lxd-agent/daemon: Adds daemon for storing event server to agent
• lxd-agent/events: Adds /events websocket route to agent
• lxd/state/notlinux: Adds Events field to non-linux/agent State struct
• lxd/operations/operations: Adds SetEventServer function
• lxd/operations: Reinstates sending events when no state
• lxd-agent/exec: Links daemon's event server to operation
• lxd-agent: Adds daemon to request
• lxd: More event socket logging
• lxd/vm/qemu: Disconnects VM agent after use
• lxd/vm/qemu: Interactive unbuffered exec console
• lxd-agent: Add missing setsid call on exec
• lxd-agent: Fix uid/gid/cwd in exec
• lxd/agent/exec: More debug status messages for exec handler
• lxd/container/exec: Updates exec handler to use new inst.Exec signature
• lxd/container/lxc: Updates Exec() to return a instance.Cmd
• lxd/instance/interface: Updates Exec() function to be local or remote command agnostic
• lxd/vm/qemu: Updates Exec() to return instance.Cmd
• lxd/container/lxc/exec/cmd: Implementation of instance.Cmd for containerLXC
• lxd/vm/qemu/cmd: Implementation of instance.Cmd for vmQemu
• lxd/instance/instance/exec/cmd: Cmd interface
• lxd-agent/exec: Removes \n from logging
• lxd/vm/qemu: Better error message to users when failing to connect to lxd-agent
• lxd-agent/exec: Makes the terminal the controlling terminal of the calling process
• lxd/vm: Make OVMF path configurable
• lxd/vm/qemu: Comment ending consistency
• lxd/vm/qemu: Handle deletion of storage volume DB record when reverting VM create
• lxd/storage/backend/lxd: Adds same pool optimisation to CreateCustomVolumeFromCopy
• lxd/container: container to instance renames, comment improvements
• lxd/containers/post: Adds instances field to response from createFromCopy
• lxd/container: instanceCreateAsCopy rename and revertion logic
• lxd/container: instanceCreateInternal comment
• lxd/containers/post: instanceCreateAsCopy usage
• scripts/bash: Refresh list of commands
• api: Add container_disk_ceph API extension
• lxd: Add support for CEPH FS backed disks and CEPH RBD backed disks
• tests: Add test for CEPH backed disks
• doc: Add support for CEPH backed disks
• lxd: Fixing srcPath check for cephs
• lxd: Correct srcPath check for cephs
• lxd: Fixing single quote on ceph check
• lxd/device/disk: Fix mounting cephfs
• lxd/device/disk: Format blocks a bit
• tests: Fix typo in cephfs test
• lxd: Fix ceph_rbd volatile key
• lxd/storage: Rename storagePoolVolumeUsedByContainersGet
• lxd/storage: Rename storagePoolVolumeUsedByRunningInstancesWithProfilesGet
• lxd: Have instanceLoadByProject return all instances
• lxd/vm: Use leases to get IP
• lxd/storage/zfs: Fix migration on zfs 0.6
• lxd/vm/qemu: Removes deprecated Storage() function
• lxd/instance/instance/interface: Moves Instance interface into instance pkg
• lxd/instance/interface: Removes old Instance interface
• lxd: Updates references to Instance interface
• lxd/storage: Fix DeleteImage return value
• lxd/storage/cephfs: Properly handle root path
• lxd/vm: Reverse interface counters
• lxd/container: Adds operation arg to instanceCreateAsCopy
• lxd/containers/post: Passes operation to instanceCreateAsCopy
• lxd/container: Links instanceCreateAsCopy to new storage pkg
• lxd/container: source snapshot var naming for clarity
• lxd/storage/interfaces: Exposes ExpandedDevices() on Instance interface
• lxd/storage/interfaces: Updates Instance migration signatures
• lxd/storage/interfaces: Changes i arg var to inst to represent Instance
• lxd/storage/backend/mock: Updates instance migration signatures
• lxd/db/containers: Removes unused ContainerCreationUpdate replaces with InstanceSnapshotCreationUpdate
• lxd/migrate/storage/volumes: Fixes typo
• lxd/migration/interfaces: Removes unused definitions
• lxd/storage/backend/lxd: Updates CreateInstance to use root disk device config
• lxd/storage/backend/lxd: Implements CreateInstanceFromCopy
• lxd/storage/backend/lxd: Updates CreateInstanceFromImage to use instance root disk config
• lxd/storage/backend/lxd: Implements CreateInstanceFromMigration
• lxd/storage/backend/lxd: Implements MigrateInstance
• lxd/storage/backend/lxd: Adds comment to EnsureImage explaining for volume config not needed
• lxd/storage/backend/lxd: Comment consistency in CreateCustomVolumeFromCopy
• lxd/storage/backend/lxd: Add comment to MigrateCustomVolume explaining volume config not needed
• lxd/storage/backend/lxd: Close migration connection on error in CreateCustomVolumeFromMigration
• lxd/device/device/runconfig: Moves to device/config pkg
• lxd/instance/instance/interface: Removes device pkg import
• lxd: Updates use of deviceConfig.RunConfig
• Use the node ID from the nodes ID table, not the raft one
• lxd/patches: Fix database roles
• lxd/container/lxc: Reorders containerLXC Delete() stages
• lxd/vm/qemu: Makes Delete() aligned with containerLXC's Delete()
• lxd/container: Removes instanceCompareSnapshots
• lxd/instance/instance/utils: Adds CompareSnapshots function
• lxd/container: Updates instance.CompareSnapshots usage
• lxd/container: Links instanceCreateAsCopy refresh instance to new storage pkg
• lxd/storage/interfaces: RefreshInstance signature
• lxd/storage/backend/lxd: Implements RefreshInstance
• lxd/storage/backend/mock: RefreshInstance placeholder
• lxd/storage/drivers/interface: Adds RefreshVolume
• lxd/storage/drivers/driver/cephfs: Adds RefreshVolume placeholder
• lxd/migration/migration/volumes: Adds Refresh property to VolumeTargetArgs
• lxd/storage/drivers/driver/dir: RefreshVolume implementation
• lxd/storage/drivers/volume: Adds Name() function
• lxd/storage/backend/lxd: Adds HasVolume checks to CreateInstanceFromMigration and CreateInstanceFromCopy
• lxd/cluster: Only promote to database role if >= 3 members
• doc/clustering: Document database role during cluster scaling
• lxd/vm/qemu: Adds storage pool Mount/Unmount calls
• lxd/device/disk: Prevents error logs about unsupported disk drive on VM stop
• lxd/vm: Add support for aarch64
• api: Add virtual-machines API extension
• shared: Rename ContainerAction to InstanceAction
• shared: Rename KnownContainerConfigKeys to KnownInstanceConfigKeys
• shared: Rename ContainerGetParentAndSnapshotName to InstanceGetParentAndSnapshotName
• lxc: Update for ContainerGetParentAndSnapshotName rename
• lxd/containers: Update for ContainerAction rename
• lxd: Update for ContainerGetParentAndSnapshotName rename
• doc/api-extensions: Fix escaping
• doc: Rename containers to instances
• doc/instances: Description consistency
• doc/instances: Fix escaping and alignment
• doc/profiles: Update for instances
• doc: Add containers/virtual-machines pages
• lxc: Update for KnownInstanceConfigKeys
• doc/instances: Remove API extensions
• doc/instances: Add missing volatile keys
• doc: Add new pages to metadata
• tests: Update unit and integration tests for cluster join
• lxd: Add raw.qemu
• shared: Add raw.qemu
• doc: Add raw.qemu
• scripts/bash: Add raw.qemu
• lxd: Add security.secureboot
• shared: Add security.secureboot
• doc: Add security.secureboot
• scripts/bash: Add security.secureboot
• lxd: Instance is not container type error consistency
• lxd/container: Removes container type
• lxd: Removes use of container type
• lxd: Renames containerCreateAsSnapshot to instanceCreateAsSnapshot
• lxd/container/snaphot: Returns instances property in response
• lxd/container/snapshot: Removes duplicated instance type check
• lxd/storage: Changes CreateInstanceSnapshot signature to accept source instance
• lxd: Hooks instanceCreateAsSnapshot up to new storage pkg
• lxd/storage/drivers/load: Adds RunningSnapshotFreeze to driver Info struct
• shared/generate: Insert build tag
• lxd/storage/drivers/driver/dir: Defines dir driver needs freeze during snapshot
• lxd/storage/backend/lxd: Adds snapshot check to ensureInstanceSymlink
• lxd/storage/backend/lxd: Implements CreateInstanceSnapshot
• doc: Documents the VM cloud-init:config drive option
• lxd-agent: Put /snap/bin in PATH
• lxd/storage/btrfs: Fix StorageEntitySetQuota
• seccomp: block new mount API when mount interception is requested
• lxd/networks: Merge clsuter config on create
• lxd/networks: Forward config updates
• lxd/storage: Renames interfaces.go to pool_interface.go
• lxd/storage/pool/interface: Removes Instance interface
• lxd/storage: Switches to use instance.Instance interface
• lxd/container/put: Renames containerSnapRestore to instanceSnapRestore
• lxd/container/lxc: Links snapshot Restore() to new storage pkg
• lxd/storage/interfaces: RestoreInstanceSnapshot signature
• lxd/storage/backend/mock: RestoreInstanceSnapshot signature
• lxd/storage/backend/lxd: Implements RestoreInstanceSnapshot
• lxd/container/backup: Comment tweaks and inst var rename
• lxd/backup: Links backupCreate to new storage pkg
• lxd/storage/drivers/driver/dir: rsync.LocalCopy return value consistency
• lxd/storage/backend/lxd: Ensures all instance functions use project aware storage names
• lxd/storage/backend/lxd: Implements BackupInstance
• lxd/storage/drivers/interface: Adds BackupVolume
• lxd/storage/drivers/driver/cephfs: Adds BackupVolume placeholder
• lxd/storage/drivers/driver/dir: Adds BackupVolume
• shared/archive/linux: Adds some explanation to DetectCompressionFile
• lxd/images: Adds more output detail when tar2sqfs fails in compressFile
• lxd/container: instanceCreateFromBackup restructure so as not to return storage
• lxd/containers/post: Updates createFromBackup to not need storage returned from instanceCreateFromBackup
• lxd/images: Fix image pruning with projects
• lxd/images: Fix VM image export
• client: Fix VM image export
• shared: Un-restrict archive.go
• shared: Add qcow2
• client: Fix VM image import
• lxc/image: Detect type on import
• Rename containers to instances in db views
• Drive-by fix of UsedBy for networks
• lxd/vm: Add limits.memory.hugepages
• shared: Add limits.memory.hugepages
• doc: Add limits.memory.hugepages
• scripts/bash: Add limits.memory.hugepages
• doc/instances: Indicate VM support when applicable
• shared: Cleanup console on error
• lxd: Cleanup console on error
• lxd/console: Improve disconnection handling
• lxd/vm: Add locking around console
• Remove accidentally committed testimage.tar.xz
• Add arch column to nodes table
• Add NodeAddWithArch() method to add a node with a specific arch
• lxd/backup/backup/instance/config: Adds instance config backup.yml tools
• lxd/api/internal: Removes slurpBackupFile and switches to backup.ParseInstanceConfigYamlFile
• lxd/backup: Removes backupFixStoragePool
• lxd/containers/post: Updates instanceCreateFromBackup usage
• lxd/container: Updates instanceCreateFromBackup signature
• lxd/backup/backup/instance/config: UpdateInstanceConfigStoragePool no longer updates snapshots backup.yaml
• lxd: Comment improvements
• lxd/containers/post: Adds storage pool check to createFromBackup
• lxd/container: Removes storage pool check from instanceCreateFromBackup
• lxd/backup/backup: Removes squashfs handling from GetInfo
• lxd/container: Removes squashfs handling from instanceCreateBackup
• lxd/containers/post: Moves backup restore squashfs handling to createFromBackup
• Document container launch algorithm on cluster
• lxd/storage/utils: Adds InstanceContentType
• lxd/container/post: Cleans up createFromMigration
• lxd/storage/zfs: Fix pool import
• lxd/container/lxc: Updates use of backupFile to backup.InstanceConfig
• lxd/storage/backend/lxd: Implements CreateInstanceFromBackup
• lxd/storage: Updates CreateInstanceFromBackup signature
• lxd/container: Updates instanceCreateFromBackup to use new storage pkg
• lxd/containers/post: Updates instanceCreateFromBackup usage with hooks
• lxd/backup/backup/instance/config: Updates UpdateInstanceConfigStoragePool to take mount path
• lxd/container: Updates backup.UpdateInstanceConfigStoragePool usage
• lxd/storage/backend/lxd: Switches to InstanceContentType function
• lxd/storage/drivers/interface: RestoreBackupVolume signature
• lxd/storage/drivers/driver/cephfs: RestoreBackupVolume placeholder
• lxd/storage/drivers/driver/dir: Moves initial project quota setup to own function
• lxd/storage/drivers/driver/dir: Implements RestoreBackupVolume
• lxd/containers/post: Pass state to migration Do function
• lxd/migrate/container: Restructure of migrationSink.Do()
• lxd/migrate/storage/volumes: Comment restructure
• lxd: Pass instance type to instanceLoadNodeAll
• lxd/vm: Tweak default memory
• lxd/vm: Add a virtio graphics card
• lxd/vm: Add ringbuffer on vserial
• lxd-agent: Add vserial state notification
• lxd/qmp: Introduce new QMP wrapper
• tests: Add lxd/qmp to golint
• lxd/vm: Port to new qmp package
• lxd/vm: Don't start or reboot the VM
• lxd/vm: Use agent detection from QMP
• lxd/vm: Restart monitor on startup
• lxd/vm: Use shared ringbuf size definition
• lxd/vm: Implement freeze/unfreeze
• lxd/vm: Privileged mode doesn't apply
• client: Add agent version of DeleteInstanceFile
• lxd/vm: Add FileRemove support
• lxd/seccomp: Fix golint
• lxd/daemon: Don't block on RBAC
• lxd/storage/backend/lxd: Fixes comments
• lxd/storage/backend/lxd: Adds symlink and revert support to CreateInstanceFromMigration
• lxd/storage/backend/lxd: Adds optimised migration over image support to CreateInstanceFromMigration
• lxd/migrate/container: Links migrationSink.Do to new storage pkg
• lxd/containers/post: Links createFromMigration to new storage pkg
• lxd/cluster: More reliable event delivery
• lxd/response: Coding style
• lxd/operations: Use ForwardedResponse
• lxd/images: Coding style
• lxd/cluster: Coding style
• lxd: Tweak cluster.Connect calls
• lxd/container/post: Returns instances resources from containerPost
• lxd/migrate/container: Removes duplicated instance type checks from migrationSourceWs.Do
• lxd: Removes dependency on instance.DaemonState() from migrationSourceWs
• lxd/storage: Removes DaemonState() from pool interface
• lxd/migrate/storage/volumes: Removes unrelated comment
• lxd/migrate/container: Restructures migrationSourceWs.Do() ready for new storage layer.
• lxd/storage: Properly handle driver config changes
• lxd/storage/backend/lxd: Comment typos
• lxd/storage/drivers/drive/dir: Add support for 2-phase migration
• lxd/migration/migration/volumes: Adds Live property to VolumeTargetArgs
• lxd/migrate/container: Add support for 2-phase sync in migrationSink.Do()
• lxd/migrate/container: Sends refresh request indicator in migration response header
• lxd/rsync/rsync: Adds more info to error returned in sendSetup
• lxd/storage/drivers: Adds Config() function to return read-only copy of pool config
• lxd/container/post: Minor cleanup and instance info output in containerPost
• lxd/migrate/container: Links migrationSourceWs.Do to new storage pkg
• lxd/migration/migration/volumes: Adds FinalSync bool to VolumeSourceArgs
• lxd/storage/backend/lxd: Adds sanity check to MigrateInstance during FinalSync
• lxc/copy: Updates copyContainer to not modify volatile.idmap.next
• lxd/util: Add HasFilesystem
• lxd: Detect built-in shiftfs too
• api: Add image_profiles extension
• shared/api: Add image profiles
• lxc/image: Add support for image profiles
• lxd/db: Add images_profiles table
• lxd/images: Add support for image profiles
• doc/image-handling: Add image profiles
• lxd/cluster: Fix handling of ceph/cephfs on join
• tests: Always use force with stop/restart
• tests: Tighten sleep calls
• lxc/storage: Fix template apply on cross-pool copy
• tests: Add tests for image profiles
• tests: Respect projects in ensure_import_testimage
• i18n: Update translation template
• lxd/storage/drivers/driver/types: Moves Info definition and adds VolumeFiller type
• lxd/storage/drivers/load: Removes non-load related types from this file
• lxd/storage/drivers/interface: Updates CreateVolumeFromMigration and CreateVolume to use VolumeFiller
• lxd/storage/drivers/driver/cephfs: Updates CreateVolumeFromMigration and CreateVolume to use VolumeFiller
• lxd/storage/drivers/driver/dir: Updates CreateVolume to use VolumeFiller
• lxd/storage/drivers/driver/dir: Updates CreateVolumeFromMigration to accept a pre-VolumeFiller argument
• lxd/storage/backend/lxd: Updates to use VolumeFillers
• lxd/backup: Comment consistency
• lxd/daemon: Adds LXD_SHIFTFS_DISABLE env var to disable shiftfs
• doc/environment: Documents LXD_SHIFTFS_DISABLE env var
• lxd/container/lxc: Updates Export to use new storage pkg for mounting
• shared/containerwriter/container/tar/writer: Fixes bug with rootfs dir not being unshifted
• lxd/vm: Remove default GPU
• lxd/vm: Update comment
• lxd/vm: Record power state
• lxd/container/lxc: Unexport storageStartSensitive
• lxd/vm/qemu: Makes mount and unmount functions behave the same as containerLXC's
• lxd/storage/backend/lxd: Fixes MountInstanceSnapshot/UnmountInstanceSnapshot functions
• lxd/container/lxc: Links to new storage pkg
• lxd/container/lxc: Updates containerLXCCreate to init new storage layer
• lxd/container/lxc: Updates initStorage to warn if init old storage layer when new layer is running
• lxd/container/lxc: Updates Delete to not use old storage layer when using new storage layer
• lxd/container/lxc: Updates Update() to detect whether to write backup file without using old storage layer
• lxd/container/lxc: Updates Migrate to access PreservesInodes from old and new storage layers
• lxd/vm: Don't use named return variables
• lxd/resources: Port to new storage API
• lxd/storage: Fix new storage API handling for snapshots
• lxd/storage: Remove legacy cephfs implementation
• lxd/storage/cephfs: Use all monitors on mount
• lxd/storage: List VM volumes in UsedBy
• lxd/storage: Fix UsedBy with projects
• Enable SQLITE_CONFIG_MULTITHREAD
• tests: Don't use fixed timestamp
• lxd/forkdns: Fix help message
• lxd/forkdns: Fix logging
• lxd/forkdns: Use clean request messages
• tests: Fix security test on non-shiftfs
• lxd/vmqemu: Moves vmqemu files into sub folder for their own package
• lxd/instance/vmqemu/vm/qemu: Updates VMQemu to exist in own package
• lxd/instance/vqemu/vm/qemu/cmd: Updates to be in own package
• lxd/networks: networkGetLeaseAddresses into instance package
• lxd/backup/backup: Adds New() function
• lxd: Moves instance load and instance validation functions into instance pkg
• lxd/vm: Rename vmqemu to qemu
• lxd/vm: Move qmp under qemu
• lxd/container: Fix comment
• lxd/vm: Remove reference to container
• lxd/networks: Simplify instance hwaddr logic
• tests: Really fix non-shiftfs security test
• lxc/image: Rename ARCH to ARCHITECTURE
• i18n: Update translation templates
• lxd/instance/qemu: Sets log file to qemu.log
• lxd/storage/cephfs: Fix rsync migration
• lxd/container: Cleanup mount logic
• lxd/container: Remove unused initStorage
• lxd/import: Fix handling of new drivers
• lxd/backup: Fix backup creation on new drivers
• lxd/storage/zfs: Use StoragePool to get pool name
• tests: Remove pointless loop/check
• tests: Test copy on cephfs
• Rename database_update.sh to database.sh
• Don't retry in case of generic I/O errors
• Add test_database_no_disk_space
• lxd: Fix backup handling with hyphenated names
• test/suites/backup: Test hyphenated instance names
• lxd/cgroup: Add basic cgroup abstraction
• lxd/container: Add wrapper for cgroup abstraction
• lxd/container: Port pids.max to cgroup abstraction
• tests: Always pass --force
• tests: Use lazy unmount in DB test
• lxd/instance: Split instance image resolving
• lxd/state: Expose proxy function
• lxd/container: Don't crash test on differing state
• shared/simplestreams: Implement GetAliasArchitectures
• client: Add arch-dependent aliases
• client: Add caching options
• lxd/instance: Implement SuitableArchitectures
• shared/simplestreams: Implement caching support
• client: Setup caching for simplestreams
• lxd/daemon: Remove custom cache implementation
• lxd/daemon: Port daemon storage to new functions
• Improve build-from-source instructions to be clearer and also cover building a specific release of LXD.
• lxd/{device,networks,util}: Move Sysctl to util from device and change usage
• lxd/{firewall,iptables}: Introduce firewall interface and xtables implementation, add firewall interface to static analysis
• lxd/{daemon,state}: Firewall struct added to daemon and state
• lxd/{device,networks}: Switch from iptables to xtables through firewall interface
• tests: Don't leak storage in ENOSPC test
• lxd/db: Rename ContainerNames to InstanceNames
• cgroups: pre-mount on pure-cgroup2 systems with cgroup namespaces
• lxd/iptables: Fix ebtables handling regression
• lxd/storage: Port volume attach/detach
• lxd/storage: Store pool db entry in backend
• lxd/storage/drivers: Implement Update/Validate
• lxd/storage: Implement pool updates
• lxd/storage: Port pool update to new functions
• lxd/main/forkdns: Adds recursion desired comment that got removed during refactor
• lxd/instance/qemu/vm/qemu: Adds -no-user-config to qemu start flags
• lxd/instance/qemu/vm/qemu: Adds chroot flag to qemu start up command
• lxd/{test,cgroup}: Add cgroup package to static analysis tests
• daemon: log cgroup layout on startup
• lxd/instance/qemu/vm/qemu: Implements deviceAdd and deviceRemove
• shared/simplestreams: Only write cache if configured
• lxd/vm: Reduce 9p mount access
• lxd/sys: Expose UnprivUser/UnprivUID
• lxd/networks: Port to os.UnprivUser
• lxd/instance/qemu/vm/qemu: Adds -runas flag to qemu
• lxd/db: Add missing unique key
• lxd/db: Add upgrade logic for UNIQUE fix
• lxc/cgroup: Fix bad error handling
• lxd/storage: Create image volume DB entry
• lxd/images: Port to new storage functions
• lxd/storage: Move storage_cgo.go to drivers package
• lxd/storage/drivers: Add FS and mount functions
• lxd: Use FS and mount functions from drivers package
• lxd/storage: Remove FS and mount functions
• Add basic bridge documentation
• lxd: Mark container snapshots as such
• lxd/storage/locking: New storage locking package
• lxd/storage: Lock image creation
• lxd/backup: Rename HasBinaryFormat to OptimizedStorage
• lxd/storage/drivers: Update RestoreBackupVolume signature
• lxd/storage: Update call to RestoreBackupVolume
• test/suites: Satisfy shellcheck
• lxd/storage: Add refresh to MigrationTypes
• lxd/storage/drivers: Add refresh to MigrationTypes
• lxd: Update call to MigrationTypes
• shared: Implemented Background Process Manager
• shared: Implemented Background Process Manager tests
• lxd/storage/drivers: Always pass Volume argument
• lxd/storage/drivers: Use new driver interface
• lxd/storage: Always pass Volume to drivers
• lxd/storage: Removes unnecessary argument in backendLXD.create()
• lxd/storage/backend/lxd: Comment on function description
• lxd/storage/backend/lxd: Implements UpdateInstance
• lxd/storage/backend/lxd: Implements UpdateImage
• lxd/storage/backend/lxd: Adds detectChangedConfig and updates usage
• lxd/storage/backend/lxd: Switches to StoragePoolVolumeUpdateByProject
• lxd/db/storage/pools: Replaces StoragePoolVolumeUpdate with StoragePoolVolumeUpdateByProject
• lxd/storage/volumes: Updates storagePoolVolumeTypePut to be project aware
• lxd/storage/pool/interface: Adds Update functions for volumes
• lxd/storage/drivers/driver/common: Only allow size property on custom volumes
• lxd/storage/backend/mock: Adds Update functions for volumes
• lxd: Updates StoragePoolVolumeUpdateByProject usage
• lxd/storage/backend/lxd: Updates Update() to use detectChangedConfig()
• lxd/storage/backend/lxd: Implements UpdateInstanceSnapshot
• lxd/storage/backend/lxd: Adds updateVolumeDescriptionOnly
• lxd/storage/backend/lxd: Adds UpdateCustomVolumeSnapshot
• lxd/storage/volumes/snapshot: Updates storagePoolVolumeSnapshotTypePut to use new storage pkg
• lxd/cgroup: Additional resource get/set functions through cgroup abstraction layer
• lxd/{container_lxc, cgroup}: Use abstraction layer functions for cgroup V1 functionality
• lxd/cgroup: Return ErrControllerMissing on incomplete V2
• lxd/storage/dir: Use MountPath
• lxd/storage/dir: Move vfsResources
• lxd/storage/common: Add vfsRenameVolume
• lxd/storage/common: Add vfsVolumeSnapshots
• lxd/storage/common: Add vfsRenameVolumeSnapshot
• lxd/storage/common: Simplify vfsRenameVolume
• lxd/storage: Add createParentSnapshotDirIfMissing
• doc: Add new developer guide to contributing.md
• lxd/storage/cephfs: Cleanup driver
• lxd/storage: Rename RestoreBackupVolume to CreateVolumeFromBackup
• lxd/storage/dir: Cleanup driver
• lxc/storage/utils: Updates validateVolumeCommonRules to accept volume argument
• lxd/storage/drivers/volume: Exposes BlockBacking property from storage driver via IsBlockBacked()
• lxd/storage: Updates commonVolRulesFunc usage
• lxd: Fix order of cgroup initialization
• lxd/storage/backend/lxd: Adds protection against updating volume properties that cant be changed
• lxd/storage/drivers/volume: Exposes volume type and content type of Volume
• lxd/storage/utils: Improves common volume validation
• lxd/db/storage/pools: Adds StoragePoolNodeVolumeGetTypeIDByProject
• lxd/storage/utils: Makes VolumeDBCreate project aware
• lxd/storage/volumes/utils: Updates usage of VolumeDBCreate
• lxd/storage/backend/lxd: Updates usage of VolumeDBCreate
• lxd/storage/backend/lxd: Adds instanceRootVolumeConfig
• lxd/storage/backend/lxd: Updates to use instanceRootVolumeConfig
• lxd/storage/backend/lxd: Switches to use StoragePoolNodeVolumeGetTypeByProject
• lxd/storage/backend/lxd: Fixed UpdateInstance's incorrect used volStorageName for DB queries
• lxd/storage/drivers: Re-order utils
• lxd/storage: Move BaseDirectories to drivers
• lxd/storage/cephfs: Don't hardcode directory names
• lxd/storage/cephfs: Simplify Delete
• shared: Handle btrfs in IsMountPoint
• lxd/storage: Allow deletion of missing pools
• lxd/storage/dir: Move MigrateVolume to common
• lxd/storage/drivers/interface: Changes load() definition as no longer returns error
• lxd/storage/drivers/common: Removes calling driver's load() func from init()
• lxd/storage/drivers/load: Calls driver's load() function from main loader
• lxd/storage/drivers/driver/cephfs: Fix typo in tool detection
• lxd/storage/cephfs: Use common functions
• lxd/storage/common: Add vfsHasVolume
• lxd/storage/common: Add vfsGetVolumeDiskPath
• lxd/storage: Always init driver with state/logger
• lxd/storage: Replace CreateMountPath with EnsureMountPath
• lxd/storage/cephfs: Use helper functions
• lxd/storage/dir: Use helper functions
• lxd/cgroups: enable cgroup2 limit support
• lxd/storage: Pass state to SupportedDrivers
• lxd/storage: Expand volume config in newVolume
• lxd/storage/drivers: Use expanded config
• lxd/storage/drivers: Don't hardcode default block size
• lxd/storage/drivers/interface: Comments on pool mount/unmount definitions
• shared/util: Adds comment to TryRunCommand
• lxd/storage/backend/lxd: Fixes bug with non-project aware vol storage name in RenameInstance
• lxd/storage/drivers/utils: Removes implication of project awareness from driver mount point helpers
• lxd/storage/drivers: Move ensureVolumeBlockFile to utils
• lxd/storage: Split out backup unpack logic
• lxd/storage/dir: Fix for consistency
• lxd/storage/utils: Removes mount helper functions
• lx/storage/utils: Adds legacy mount functions to main pkg
• lxd/storage/drivers/utils: Unexports mount helper funcs except TryMount/TryUnmount
• lxd/patches: Updates to use TryMount/TryUnmount from storage/drivers pkg
• lxd/storage/drivers/driver/cephfs: TryMount usage
• lxd/storage/drivers/driver/dir: TryMount usage
• lxd/storage/btrfs: Updates to use unexported legacy mount functions
• lxd/storage/ceph: Updates to use legacy unexported mount functions, except TryMount/TryUnmount
• lxd/storage/lvm: Updates to use legacy unexported mount functions, except TryMount/TryUnmount
• lxd/storage/zfs/utils: Consistent import name for storage/drivers pkg
• lxd/storage/drivers: Export Name and Logger
• lxd/storage/drivers: Introduce genericCopyVolume
• lxd/storage/drivers: Introduce genericCreateVolumeFromMigration
• lxd/storage/drivers: Simplify genericBackupUnpack
• lxd/backup: Adds check for supported instance type when loading storage pool
• lxd/container: Adds check for supported instance type when restoring backup
• lxd/container/lxc: Adds check for supported instance type when loading storage pool
• lxd/migrate/container: Adds check for supported instance type when loading storage pool
• lxd/storage/drivers: Introduce vfsBackupVolume
• lxd/storage/drivers: Rename driver_cgo to utils_cgo
• lxd/storage/drivers: Add releaseLoopDev
• lxd/storage/utils: Improve error handling in forceUnmount
• lxd/storage/utils: Add fsUUID
• lxd/storage/utils: Add tryExists
• lxd/storage/utils: Add hasFilesystem
• lxd/storage/drivers: Add btrfs
• tests: Update exclusion for btrfs
• Update /operations endpoint API doc
• lxd/revert: Adds revert helper package for running revert functions in reverse order
• lxd/revert/revert/test: Adds revert tests
• lxd/storage/backend/lxd: Updates to use revert pkg rather than custom revertFuncs slice
• lxd/storage/drivers/driver/dir: Updates to use revert pkg rather than custom revertFuncs slice
• lxd/storage/drivers/driver/btrfs/volumes: Switches to revert pkg for CreateVolumeFromBackup
• lxd/storage/drivers/generic: Switches to revert pkg for genericBackupUnpack
• lxd/storage/utils: Clarifies comment on ImageUnpack
• lxd/storage/backend/lxd: Typo in error
• lxd/storage/memorypipe: Increases channel buffer size to allow Close() cleanup
• lxd/storage/backend/lxd: Close migration send end when error occurs
• lxd/storage/drivers/volume: Differentiates between volume config and pool config
• lxd/storage/backend/lxd: Removes expansion of pool's volume config into volume config in newVolume()
• lxd/storage/backend/lxd: Updates CreateCustomVolumeFromMigration to use Volume.Config() to create DB record
• lxd/storage/utils: drivers.NewVolume usage
• lxd/storage/drivers/driver/cephfs/volumes: drivers.NewVolume usage
• lxd/storage/drivers/driver/cephfs/volumes: vol.ExpandedConfig usage
• lxd/storage/drivers/driver/cephfs/volumes: Comments
• lxd/storage/drivers/driver/dir/utils: vol.ExpandedConfig usage
• lxd/storage/drivers/driver/dir/volumes: Comments
• lxd/storage/drivers/generic: NewVolume usage
• lxd/storage/drivers/utils: vol.ExpandedConfig usage
• lxd/storage/backend/lxd: Ensures VolumeDBCreate uses config from the Volume and not the request
• lxd/storage/drivers/driver/btrfs/volumes: Fixes usage of NewVolume
• Use JSON markdown blocks in docs
• cgroup: shortcut cgroup2 only layouts
• cgroups: detect blkio.bfq.weight knob
• lxd/instances: Export FillNetworkDevice
• doc/networks: Clarify raw.dnsmasq
• lxc-to-lxd: Set useragent
• lxd-p2c: Set useragent
• lxd: Always set user agent
• shared: Set user-agent in GetRemoteCertificate
• lxd/storage/drivers: Rename applyQuota to initVolume
• lxd/storage/drivers: Fix bad ExpandedConfig
• lxd/storage: Include size in instance update
• lxd/device/nic/routed: Improves IPv6 forwarding and proxy_ndp sysctl detection
• doc/instances: Updates routed nic sysctl requirements
• tests: Updates routed nic tests to enable proxy_ndp on all interfaces
• lxd/storage/backend/lxd: Switches create to use revert package
• lxd/storage/drivers/generic: Uses revert package on genericCreateVolumeFromMigration
• lxd/storage/drivers/generic: Adds refresh arg to genericCopyVolume
• lxd/storage/drivers: genericCopyVolume updated usage for refresh arg
• lxd/storage/drivers/driver/dir/volumes: Use SetVolumeQuota from UpdateVolume
• lxd/storage/backend/lxd: Makes specific lock name for volume EnsureImage action
• lxd/storage/drivers/volume: Adds UnmountTask function
• lxd/storage/drivers/utils: Adds volume filesystem shrink and grow functions
• lxd/storage/drivers/errors: Adds "not supported" error type
• lxd/container/lxc: Detects storage drivers that dont support volume usage stats
• tests: Don't leak CEPH pools
• lxd/storage: Set contentType during image deletion
• lxd/storage/drivers/generic: Improves genericBackupUnpack
• lxd/revert: Adds Clone function to revert
• lxd/storage/drivers/utils: Comments on wipeDirectory
• lxd/containers/post: Improves comment in createFromBackup
• lxd/storage/backend/lxd: Adds error checking to MountTask in CreateInstanceFromBackup
• lxd/storage/pool/interface: Adds UpdateInstanceBackupFile
• lxd/storage/backend/mock: Adds UpdateInstanceBackupFile
• lxd/storage/backend/lxd: Implements UpdateInstanceBackupFile
• lxd/instance/instance/interface: Adds UpdateBackupFile
• lxd/instance/qemu/vm/qemu: Implements UpdateBackupFile
• lxd/container/lxc: Implements UpdateBackupFile
• lxd/container: Switches to inst.UpdateBackupFile()
• lxd/container/lxc: Switches to inst.UpdateBackupFile()
• lxd/instance/instance/utils: Deprecates WriteBackupFile function
• lxd/instance/qemu/vm/qemu: UpdateBackupFile usage
• lxd/storage: Support deleting snapshots during restore
• lxd/images: Fix clustering handling on delete
• tests: Remove un-needed image volume delete
• lxd/storage: Update driver cache for new drivers
• Improve websocket doc in container exec
• lxd/qemu: Fix multiple NICs
• lxd/storage/drivers/volume: Adds DefaultFilesystem constant of ext4
• lxd/storage/utils: Uses DefaultFilesystem in VolumeFillDefault
• lxd/storage/backend/lxd: Updates EnsureImage to detech filesystem changes and regenerate
• lxd/storage/drivers/utils: Comment on shrinkFileSystem
• lxd/storage/drivers/utils: Mounts btrfs filesystems during shrinkFileSystem
• lxd/storage/drivers/utils: Adds regenerateFilesystemUUID functions
• lxd/storage/drivers: Use standard errors
• lxd/storage/btrfs: Disable send/receive inside containers
• lxd/init: Support new storage drivers
• lxd/storage/drivers: Use standard errors
• lxd/storage/btrfs: Disable send/receive inside containers
• lxd/init: Support new storage drivers
• lxd/migration: Improve multi-pass transfers
• lxd/storage: Pass VolumeSourceArgs as pointer
• lxd/storage: Port "zfs" to new driver logic
• tests: Add zfs to list of new drivers
• lxd/storage/backend/lxd: Applies root disk quota as part of backup import post hook
• lxd/storage/backend/lxd: Adds errors.Wrapf around os. and unix. function errors
• lxd/storage/drivers/driver/btrfs/volumes: tmpVolSuffix usage
• lxd/storage/drivers/volume: Adds tmpVolSuffix const
• lxd/storage/drivers/utils: Adds errors.Wrapf to mount/unmount functions
• lxd/storage/drivers/utils: Adds renegerateFilesystemUUIDNeeded
• lxd/storage/backend/lxd: Triggers backup file update in BackupInstance and and RenameInstanceSnapshot
• lxd/storage/backend/lxd: Improves revert in RenameInstance
• lxd/storage/drivers: Fix comments
• tests: Fix storage_compatible for zfs
• lxd/storage/drivers/generic: Adds EnsureMount path calls after mounting volumes
• lxd/device/disk: Defer instance type check until start time for cloud-init config drive
• lxd/migrate/container: Merges duplicate multi sync logic and adds comments
• lxd/storage/drivers/volume: Adds NewVMBlockFilesystemVolume and IsVMBlock functions
• lxd/storage/drivers/driver/zfs/volumes: VM block function usage
• lxd/storage/drivers/driver/zfs/utils: Removes unused checkVMBlock
• lxd/storage/pools: Support non-default project in storagePoolDelete
• lxd/device/device/instance: Removes interface in place of instance.Instance
• lxd/container: Replaces device.Instance with instance.Instance
• lxd/storage: Replaces device.Instance with instance.Instance
• lxd/device: Replaces device.Instance with instance.Instance
• lxd/device: Renames d.instance to d.inst to avoid conflicts with instance package
• lxd/storage: Updates storageRootFSApplyQuota to support VMs
• lxd/device/disk: Allow VM disks to be updated
• lxd/storage/drivers/utils: Adds copyDevice function
• lxd/storage/drivers: Filler logging
• lxd/storage/drivers/generic: Updates genericCopyVolume to be VM block aware using copyDevice
• client/lxd/instances: Sends instance type when copying instances
• lxc: Don't use instance when referring to server
• lxc: Rename container to instance
• lxc/info: Fix VM support
• i18n: Update translation templates
• lxd/storage/zfs: Fix set on 0.6
• lxd/storage/drivers: Use errors.Wrap
• lxd/storage/drivers: Wrap os/ioutil calls
• api: Add clustering_architecture extension
• shared/api: Add Architecture to ClusterMember
• lxd/db: Add Architecture to NodeInfo
• lxd/cluster: Track member architecture
• lxc/cluster: Add architecture column in list
• lxd/storage/backend/lxd: Add project support to GetInstanceUsage
• lxd/storage/utils: Removes default volume size from VolumeFillDefault
• test/suites/storage: Updates LVM quota tests to take into account new SI units conversion
• test/suites/backup: Fixes issue with import testing with LVM
• tests: Add lvm to list of new drivers
• lxd/storage/ceph: Fix volume size handling
• lxd/storage/drivers/utils: Adds loopFilePath function
• lxd/storage/drivers: Replace repetitive loop path generation with call to loopFilePath
• lxd/storage/drivers/load: Enables LVM driver
• lxd/db: Silence normal sql errors
• lxd/db: Fix image profile copying logic
• lxd/util: IsAddressCovered takes into account host names
• lxd/db: Add archs filter to ClusterTx.NodeWithLeastContainers()
• lxd/instance: make SuitableArchitectures handle snapshots too
• lxd/containers_post.go: Use cluster architecture in placement
• lxd/db: Ensure zfs.pool_name is set
• lxd/storage/drivers/lvm: LVM driver implementation
• lxd/containers: Use 'instance' key in templates
• lxc: Fix typo
• lxc: Bump examples to 18.04
• i18n: Update translation templates
• doc: s/container/instance/
• doc: Bump releases in examples
• doc/rest-api: Cover the three instance endpoints
• lxd/instance/qemu/vm/qemu: Adds running disk usage stats to disk state
• lxd/storage/backend/lxd: Adds VM support to GetInstanceUsage
• lxd/container: Adds VM support to instanceCreateAsSnapshot
• lxd/container/snapshot: Adds VM support to containerSnapshotHandler
• lxd/migration/migration/volumes: Fixes crash when storage driver has no transfer methods
• lxd/storage/drivers/driver/common: Adds VM support for migration types
• lxd/storage/drivers/driver/lvm: Adds VM support
• lxd/storage/drivers/drivers/lvm/utils: VM support
• lxd/storage/drivers/drivers/lvm/volumes: VM support
• lxd/instances: Fix creation from simplestreams
• lxd/db: Fix multi-arch cached images
• lxd/storage/drivers: Rename drivers_ to driver_
• lxd/storage/drivers: Implement patch mechanism
• lxd/storage: Add patch mechanism to backend
• lxd/patches: Add storage_create_vm
• Skip updating instances and profiles not using a volume being renamed
• i18n: Update translations from weblate
• lxd/storage/btrfs: Fix usage inside containers
• lxd/storage/backend/lxd: Validate config on pool create
• shared/instance: Adds IsSize to validate size strings
• lxd/storage/pools/config: Removes old LVM validation from storagePoolValidateConfig
• lxd/storage/utils: shared.IsSize usage
• lxd/storage/load: commonRules usage
• lxd/storage/utils: commonRules usage
• lxd/storage/drivers/load: Adds Validators type for common rules
• lxd/storage/drivers/interface: commonRules usage
• lxd/storage/drivers: Call d.validatePool in Validate function
• lxd/storage/drivers/drivers/common: Updates for commonRules
• lxd/storage/drivera/driver/common: Adds validatePool function
• lxd/storage/drivers/driver/dir/utils: commonRules usage
• lxd/storage/drivers/driver/btrfs: pool validation
• lxd/storage/drivers/driver/zfs: pool validation
• lxd/storage/drivers/driver/cephfs: pool validation
• lxd/storage/drivers/driver/common: Improved error messages in validatePool and validateVolume
• lxd/storage/pools: Fixes empty values for non-compat pools in storagePoolClusterConfigForEtag
• lxd/storage/pools/config: shared.IsSize usage
• lxd/storage/pools/config: comment
• lxd/storage/drivers/driver/lvm: Adds validation
• doc/api-extension: Fix formatting
• api: Add resources_disk_id extension
• shared/api: Add device_id to resources
• lxd/resources: Add device_id
• lxd/storage/drivers/driver/lvm: Adds stripe validation
• lxd/storage/pools/config: Adds volume.lvm.stripes and volume.lvm.stripes.size to pool validation
• lxd/storage/drivers/driver/lvm/utils: Updates createDefaultThinPool to support stripes
• lxd/storage/drivers/driver/lvm/utils: Updates createLogicalVolume to support stripes
• doc/storage: Documents storage_lvm_stripes options
• doc/api-extensions: trim whitespace
• doc/api-extensions: Adds storage_lvm_stripes
• shared/version/api: Adds storage_lvm_stripes extension
• lxd/storage/btrfs: Fix bad check
• lxd/containers: Properly setup cgroup writer
• lxd/cgroup: Fix memory limit handling

試用環境 ¶

この新しい LXD リリースは私たちの デモサービス で利用できます。

ダウンロード ¶

このリリースの tarball は ダウンロードページ から取得できます。

ビルド済みバイナリーは次のように使えます:

• Linux: snap install lxd
• MacOS: brew install lxc
• Windows: choco install lxc

LXD 3.18 リリースのお知らせ¶

2nd of October 2019

はじめに ¶

LXD チームは、LXD 3.18 のリリースをお知らせすることにとてもワクワクしています!

このリリースには、今後の LXD リリースでコンテナと同時に仮想マシンをサポートするための実装に必要な多数の事前作業が含まれています。LXD 3.18 には、仮想マシンを扱えるように、多数の API の追加と Go クライアントと cli ツールへの変更が含まれています。

この変更のほとんどは、API と内部コードベース内の containers を、コンテナと仮想マシンの両方を包含する、より一般的な instances へゆっくり置き換えていくものです。

この作業の大部分は、現在の普通のユーザーには見えないものです。すべて完全に下位互換性をもたせるために行っており、古い API クライアントは通常通り動作し続けます。

すぐに使える改良点としては、このリリースでは、より多くのディスク情報を公開できるようにリソース API を拡張しました。また、イメージの有効期限を変更する機能を追加し、新しいクラスタリングのロールメカニズムに変更し、Fan ネットワークを使っている場合により多くの設定ができるようになりました。

Enjoy!

新機能 ¶

新しい /1.0/instances エンドポイント ¶

仮想マシンサポートへの一環で、現在の /1.0/containers API は /1.0/instances API への置き換えを行い、コンテナと仮想マシンの両方を返すようにしました。この新しい API エンドポイントの構造は（従来と）同じで、以前のエンドポイントは新しいものの上にある単なるタイプのフィルターになっています（訳注: コンテナタイプのインスタンスのみを返すフィルター）。

一貫性を保つため、仮想マシンサポートの準備ができた際には、/1.0/virtual-machine エンドポイントも提供します。これも同様に /1.0/instances に対するタイプフィルターとし、仮想マシンのみを返すようにします。

この作業の一環として、Go クライアントパッケージも変更され、すべて /1.0/instances エンドポイントに対する新しい関数が含まれるように変更されました。そして新しい API が使えるかどうかも検出し、古い LXD サーバーと通信する際には古い API にフォールバックします。

コマンドラインツール（lxc）は、これらの新しい関数を使用するように更新されました。

VM イメージ保存のサポート ¶

LXD のこのバージョンのリリースで、既に仮想マシンイメージが利用可能になっている他の LXD サーバーや simplestream サーバーの仮想マシンイメージを検索できるようになりました。 現時点で、このようなイメージを持つサーバはふたつだけで ubuntu: と ubuntu-daily: です。

stgraber@castiana:~$ lxc image list ubuntu: serial=20190918 release=bionic architecture=amd64
+-------------+--------------+--------+---------------------------------------------+--------+-----------------+----------+-------------------------------+
|    ALIAS    | FINGERPRINT  | PUBLIC |                 DESCRIPTION                 |  ARCH  |      TYPE       |   SIZE   |          UPLOAD DATE          |
+-------------+--------------+--------+---------------------------------------------+--------+-----------------+----------+-------------------------------+
| b (11 more) | 8d1e0577b1d1 | yes    | ubuntu 18.04 LTS amd64 (release) (20190918) | x86_64 | VIRTUAL-MACHINE | 328.25MB | Sep 18, 2019 at 12:00am (UTC) |
+-------------+--------------+--------+---------------------------------------------+--------+-----------------+----------+-------------------------------+
| b (11 more) | 9ff5784302bf | yes    | ubuntu 18.04 LTS amd64 (release) (20190918) | x86_64 | CONTAINER       | 177.98MB | Sep 18, 2019 at 12:00am (UTC) |
+-------------+--------------+--------+---------------------------------------------+--------+-----------------+----------+-------------------------------+
|             | be760b6a51a0 | yes    | ubuntu 18.04 LTS amd64 (release) (20190918) | x86_64 | CONTAINER       | 141.19MB | Sep 18, 2019 at 12:00am (UTC) |
+-------------+--------------+--------+---------------------------------------------+--------+-----------------+----------+-------------------------------+

上の例で、3 つの同じバージョンのイメージがあります。最初のイメージは qcow2 の仮想マシンイメージ、ふたつめは squashfs 形式のコンテナイメージ、3 つめは tar.xz 形式のコンテナイメージです。

VM イメージをローカルの LXD サーバーにコピーできます:

stgraber@castiana:~$ lxc image copy ubuntu:b local: --vm --alias b-vm
Image copied successfully!                   
stgraber@castiana:~$ lxc image list
+-------+--------------+--------+---------------------------------------------+--------+-----------------+----------+-----------------------------+
| ALIAS | FINGERPRINT  | PUBLIC |                 DESCRIPTION                 |  ARCH  |      TYPE       |   SIZE   |         UPLOAD DATE         |
+-------+--------------+--------+---------------------------------------------+--------+-----------------+----------+-----------------------------+
| b-vm  | 8d1e0577b1d1 | no     | ubuntu 18.04 LTS amd64 (release) (20190918) | x86_64 | VIRTUAL-MACHINE | 328.25MB | Oct 2, 2019 at 8:22pm (UTC) |
+-------+--------------+--------+---------------------------------------------+--------+-----------------+----------+-----------------------------+
|       | 0c3ce5efa22e | no     | Ubuntu bionic amd64 (20191002_07:42)        | x86_64 | CONTAINER       | 93.79MB  | Oct 2, 2019 at 5:51pm (UTC) |
+-------+--------------+--------+---------------------------------------------+--------+-----------------+----------+-----------------------------+

ここで紹介した機能はすでに動作していますが、LXD で仮想マシンが実行できなければ、現時点ではこの機能が特別役に立つとは思っていません。

より多くのディスクリソース情報の提供 ¶

/1.0/resources API の storage セクションが拡張され、ディスクのさまざまな情報を提供できるようになりました。次のような情報を含みます:

• ファームウェアバージョン
• デバイスパス
• シリアルナンバー
• RPM
• より詳細な type、CD-ROM ドライブの検出を含みます

システム上の色々なドライブ情報の出力例です:

root@lantea:~# lxc query /1.0/resources | jq .storage
{
  "disks": [
    {
      "block_size": 512,
      "device": "8:0",
      "device_path": "pci-0000:05:00.0-sas-phy0-lun-0",
      "firmware_version": "05.00K05",
      "id": "sda",
      "model": "WDC WD1001FALS-0",
      "numa_node": 0,
      "partitions": [],
      "read_only": false,
      "removable": false,
      "rpm": 7200,
      "serial": "WD-WMATV0861474",
      "size": 1000204886016,
      "type": "sata"
    },
    {
      "block_size": 512,
      "device": "8:16",
      "device_path": "pci-0000:05:00.0-sas-phy1-lun-0",
      "firmware_version": "05.00K05",
      "id": "sdb",
      "model": "WDC WD1001FALS-0",
      "numa_node": 0,
      "partitions": [],
      "read_only": false,
      "removable": false,
      "rpm": 7200,
      "serial": "WD-WMATV0724608",
      "size": 1000204886016,
      "type": "sata"
    },
    {
      "block_size": 512,
      "device": "8:32",
      "device_path": "pci-0000:05:00.0-sas-phy2-lun-0",
      "firmware_version": "CC45",
      "id": "sdc",
      "model": "ST33000651AS",
      "numa_node": 0,
      "partitions": [],
      "read_only": false,
      "removable": false,
      "rpm": 7200,
      "serial": "Z2912RXB",
      "size": 3000592982016,
      "type": "sata"
    },
    {
      "block_size": 4096,
      "device": "8:48",
      "device_path": "pci-0000:05:00.0-sas-phy3-lun-0",
      "firmware_version": "CC27",
      "id": "sdd",
      "model": "ST3000DM001-1CH1",
      "numa_node": 0,
      "partitions": [],
      "read_only": false,
      "removable": false,
      "rpm": 7200,
      "serial": "W1F46QP2",
      "size": 3000592982016,
      "type": "sata"
    },
    {
      "block_size": 512,
      "device": "8:64",
      "device_path": "pci-0000:00:1f.2-ata-1",
      "firmware_version": "EXT0CB6Q",
      "id": "sde",
      "model": "Samsung SSD 840",
      "numa_node": 0,
      "partitions": [],
      "read_only": false,
      "removable": false,
      "rpm": 0,
      "serial": "S1D5NSCF560605W",
      "size": 120034123776,
      "type": "sata"
    },
    {
      "block_size": 512,
      "device": "8:80",
      "device_path": "pci-0000:00:1f.2-ata-2",
      "firmware_version": "300i",
      "id": "sdf",
      "model": "INTEL SSDSC2CT12",
      "numa_node": 0,
      "partitions": [
        {
          "device": "8:81",
          "id": "sdf1",
          "partition": 1,
          "read_only": false,
          "size": 120033058304
        }
      ],
      "read_only": false,
      "removable": false,
      "rpm": 0,
      "serial": "CVMP213200L8120BGN",
      "size": 120034123776,
      "type": "sata"
    },
    {
      "block_size": 0,
      "device": "11:0",
      "device_path": "pci-0000:00:1f.2-ata-3",
      "firmware_version": "C108",
      "id": "sr0",
      "model": "DVD+-RW GSA-H73N",
      "numa_node": 0,
      "partitions": [],
      "read_only": false,
      "removable": true,
      "rpm": 0,
      "size": 1073741312,
      "type": "cdrom"
    }
  ],
  "total": 8
}

イメージ有効期限の変更 ¶

Austin の The University of Texas の学生からのコントリビューションにより、LXD イメージストア内のイメージの有効期限を編集できるようになりました。

この機能は lxc image edit コマンドから使え、expires_at のタイムスタンプを変更します。

クラスタリングロール ¶

将来的なクラスタリングの作業に備えて、クラスターメンバーのロールをレポートする新しい方法を追加しました。これはメンバーに直接与えられているロールのリストです。現在サポートされている唯一のロールは database であり、クラスターメンバーがデータベースサーバのひとつであることを示しています。

root@lantea:~# lxc cluster show lantea
server_name: lantea
url: https://[2001:470:b0f8:1016:d250:99ff:fec2:9263]:8443
database: true
status: Online
message: fully operational
roles:
- database

この機能は、まもなくふたつの新しいロールの基盤として使われます:

eventhub¶

このロールに属するクラスターメンバーは、他のクラスターメンバーからのイベントを受け取ります。そして、他のイベントハブにイベントを同期します。これにより、各クラスターメンバーが他のすべてのクラスターメンバーに通知するという現在のイベント処理のアプローチが置き換えられます。イベント送信時の CPU 使用率と帯域幅を削減できるでしょう。

database_standby¶

このロールに属するクラスターメンバーは、通常のデータベースメンバーと同様に、ライブデータベースストリームを受け取ります。通常のデータベースメンバーとの違いは、Raft コンセンサスアルゴリズム（分散合意アルゴリズム）の投票メンバーにはならないことです。つまり、データベーストランザクションのコミットに必要な時間を増加させることなく、このようなメンバーを増やせるということです。

このようなスタンバイデータベースノードは、非常にすばやく投票メンバーに昇格できるので、クラスターの耐障害性を増加させ、クラスターデータベースの停止リスクなしでローリングアップデートのようなメンテナンス作業ができるようになります。

Fan モードでの IPv4 設定 ¶

Fan モードのネットワークで次の項目が設定できるようになりました:

• ipv4.dhcp.expiry
• ipv4.firewall
• ipv4.nat
• ipv4.nat.order

バグ修正（翻訳なし） ¶

• api: Add instances extension
• client: Rename ContainerServer to InstanceServer
• client/interfaces: Populate InstanceServer with rest of functions
• client/instances: Add instance related functions
• doc: Initial Github code of conduct
• doc: Initial Github security policy
• doc: Update remaining reference to readthedocs
• doc/index: Point to https://linuxcontainers.org/lxd/docs/master/
• doc/storage: Typo and example fix
• i18n: Update translations from weblate
• i18n: Update translation templates
• lxc: Don't print first-use on init/launch
• lxc: Switch cli tool to use InstanceServer
• lxc: Switch to using client Instance functions
• lxc/exec: Fix usage for --cwd
• lxc/remote: Trailing space in translatable string
• lxd: Add instance interface
• lxd: Add instance-type query param filter to LXD API
• lxd: Add support for InstanceOnly in API requests
• lxd: Add type field to instance API output
• lxd: Make import alias of device config package consistent throughout codebase
• lxd: Migrate storage references to container interface to instance interface
• lxd: Move events to new events package
• lxd: Move operations to its own package
• lxd: Move response to its own package
• lxd: Remove unix cred functions/types and updates usage to ucred package
• lxd: Rename containerLoadByID to instanceLoadById and returns Instance type
• lxd: Rename containerLoadByProjectAndName to instanceLoadByProjectAndName
• lxd: Rename containerLoadNodeAll to instanceLoadNodeAll
• lxd: Rename use of instance package to instancetype package
• lxd: Replace CType with instance.Type
• lxd: Require "ip" be installed
• lxd: Switch over to Instance types
• lxd: Switch to new event structure
• lxd: Update to use seccomp package
• lxd: Update usage of ContainerArgs to InstanceArgs
• lxd: Update usage of ContainerBackupArgs to InstanceBackupArgs
• lxd: Update use of device.Instance interface
• lxd: Update use of ForwardedResponseIfContainerIsRemote to supply instanceType
• lxd: Update use of string instance.Type to int type
• lxd/api: Contructs endpoint alias routes
• lxd/api: Rename container endpoint vars to instance prefix
• lxd/apparmor: Move apparmor into its own package
• lxd/backup: Change container field to instance type
• lxd/cluster/connect: Add instanceType filter to ConnectIfContainerIsRemote
• lxd/cluster/upgrade: Prevent crash if heartbeat occurs before dqlite init
• lxd/config: Allow modifying cluster.https_address
• lxd/containers: Embed the Instance interface into the container interface
• lxd/containers: Remove lxcSupportSeccompNotify
• lxd/containers: Update use of apparmor package
• lxd/containers: Fix comment
• lxd/containers: Migrate container_lxc to use operationlock package
• lxd/containers: Respect raw.lxc on stop/shutdown
• lxd/containers: Tigthen directory ownership
• lxd/containers: Update containerLoadNodeProjectAll to support Type filtering
• lxd/containers: Validate POST instance type field and stores in DB
• lxd/daemon: Add Name and Aliases support to APIEndpoint
• lxd/daemon: Fix logging events
• lxd/daemon: Update to use seccomp package
• lxd/db: Band aid for https://github.com/canonical/dqlite/issues/163
• lxd/db: Flush any leftover operation on startup
• lxd/db: Use consts for cluster roles
• lxd/db/containers: Add db:ignore tag to Instance.Snapshot field
• lxd/db/containers: Add instanceType filter to ContainerNodeAddress
• lxd/db/containers: Fix tests
• lxd/db/containers: Remove ContainerType, CTypeRegular and CTypeSnapshot
• lxd/db/containers: Rename ContainerArgs to InstanceArgs
• lxd/db/containers: Rename ContainerBackupArgs to InstanceBackupArgs
• lxd/db/containers: Update container filtering functions for instance.Type
• lxd/db/instances: Re-run db generate
• lxd/db/instances: Update InstanceList to use instance.TypeAny
• lxd/devices: Allow uppercase in MACs
• lxd/devices: Update instance interface inline with others
• lxd/devices/disk: Properly return error messages
• lxd/devices/network: Fix typo in comment
• lxd/devices/nic: Set MTU on both side of veth
• lxd/devlxd: Fix handling of projects
• lxd/dnsmasq: Support uppercase MACs in UpdateStaticEntry
• lxd/events: Support multiple servers
• lxd/images: Fix image type during refresh
• lxd/images: Tweak wrapping
• lxd/images: Use native tar parser for metadata
• lxd/main_forkdns: Don't setup event logger
• lxd/main_init: Properly handle ceph/cephfs
• lxd/instance: Add functions to convert to/from instance.Type and string
• lxd/instance: Change instance types to own int type
• lxd/instance: Add operationlock package
• lxd/instance: Rename instance to instancetype
• lxd/instance: Use API instance types for string comparison
• lxd/networks: Allow ipv6.dhcp=true with ipv6.firewall=false
• lxd/networks: Properly return error messages
• lxd/networks: Reduce calls to iptables clear
• lxd/networks: Split functions and pass oldConfig
• lxd/operations: Fix operation events
• lxd/operations: Use state struct
• lxd/patches: Properly return error messages
• lxd/resources: Implement NVIDIA device fallback
• lxd/response: Add instanceType filter to ForwardedResponseIfContainerIsRemote
• lxd/seccomp: Add seccomp package
• lxd/state: Carry event server instances
• lxd/storage: Consistent error messages
• lxd/storage/btrfs: Fix bug with BTRFS snapshot copy
• lxd/storage/btrfs: Properly return error messages
• lxd/storage/ceph: Fix volume snapshot handling
• lxd/storage/cephfs: Fix querying volume on cluster
• lxd/storage/dir: Don't hide error message
• lxd/storage/lvm: Properly return error messages
• lxd/storage/zfs: Better handle broken images
• lxd/storage/zfs: Fix error handling in ImageCreate
• lxd/storage/zfs: Tweak destroy logic
• lxd/ucred: Add ucred package for ucred functions and types
• shared: Use Lchown when copying symlinks
• shared/api: Add new instance types
• shared/api: Add InstanceOnly field to InstancePost and InstanceSource
• shared/api: Location field of Event as omitempty
• shared/api: Make some NVIDIA fields omitempty
• shared/generate: Add support for db:"ignore" tag on fields
• shared/generate: Re-run update-schema
• shared/generate: Support instance.Type
• shared/netutils: Update NetnsGetifaddrs to use Instance types
• tests: Add apparmor to static analysis
• tests: Add events package to static analysis test
• tests: Add operations package to static analysis
• tests: Add response package to static analysis
• tests: Add seccomp package to static analysis
• tests: Add unixcred to static analysis
• tests: Fix static analysis for ucred package
• tests: Switch to instance.Type
• tests: Tunes ZFS quota tests after intermittent failures
• tests: Update devlxd tests to use ucred package
• tests: Update security test

試用環境 ¶

この新しい LXD リリースは私たちの デモサービス で利用できます。

ダウンロード ¶

このリリースの tarball は ダウンロードページ から取得できます。

ビルド済みバイナリーは次のように使えます:

• Linux: snap install lxd
• MacOS: brew install lxc
• Windows: choco install lxc

LXD 3.17 リリースのお知らせ¶

6th of September 2019

はじめに ¶

LXD チームは、LXD 3.17 のリリースをお知らせすることにとてもワクワクしています!

このリリースの主な新機能は、ホストのルートファイルシステムではなく、LXD のストレージプールにコンテナの tarball やイメージを保存できるようになったことです。

このリリースの変更点の残りのほとんどは、新しい内部 API のリファクタリングと新しい内部 API への既存のコードの移植です。この作業はユーザーには見えませんが、多数の長期間の問題を発見し、テストを改善し、多数の複雑なロジックを単純化しました。

Enjoy!

新機能 ¶

イメージの tarball とバックアップのストレージプールへの保存 ¶

新しいサーバー設定項目をふたつ追加しました:

• storage.backups_volume
• storage.images_volume

このふたつは POOL-NAME/VOLUME-NAME という形式を使って、未使用のストレージボリュームを設定できます。それぞれ異なる値を設定できます。システムのルートファイルシステムに保存されているデータがある場合は、指定したストレージボリュームに移動されます。

この機能により、ルートファイルシステムの空き容量が非常に限られているシステム上で、ほぼすべてのデータを LXD が管理するストレージプールに保存して LXD を実行できます。

stgraber@castiana:~$ lxc storage volume create default backups
Storage volume backups created
stgraber@castiana:~$ lxc storage volume create default images
Storage volume images created
stgraber@castiana:~$ lxc config set storage.backups_volume default/backups
stgraber@castiana:~$ lxc config set storage.images_volume default/images

lxc init と lxc launch での YAML のコンテナ設定 ¶

YAML ファイルに保存した設定を標準入力から読み込ませることで、コンテナの作成時に複雑な設定やデバイスを lxc init と lxc launch に渡せるようになりました。

stgraber@castiana:~$ cat gui.yaml 
config:
  environment.DISPLAY: :0
  environment.PULSE_LATENCY_MSEC: "30"
  environment.PULSE_SERVER: /mnt/.pulse-native
  environment.QT_X11_NO_MITSHM: "1"
devices:
  gpu:
    type: gpu
  pulse:
    bind: container
    connect: unix:/run/user/1000/pulse/native
    listen: unix:/mnt/.pulse-native
    mode: "0666"
    security.gid: "1000"
    security.uid: "1000"
    type: proxy
  x11:
    bind: container
    connect: unix:@/tmp/.X11-unix/X0
    listen: unix:@/tmp/.X11-unix/X0
    security.gid: "1000"
    security.uid: "1000"
    type: proxy

stgraber@castiana:~$ lxc launch ubuntu:18.04 gui-steam < gui.yaml 
Creating gui-steam
Starting gui-steam

stgraber@castiana:~$ lxc config show gui-steam
architecture: x86_64
config:
  environment.DISPLAY: :0
  environment.PULSE_LATENCY_MSEC: "30"
  environment.PULSE_SERVER: /mnt/.pulse-native
  environment.QT_X11_NO_MITSHM: "1"
  image.architecture: amd64
  image.description: ubuntu 18.04 LTS amd64 (release) (20190813.1)
  image.label: release
  image.os: ubuntu
  image.release: bionic
  image.serial: "20190813.1"
  image.version: "18.04"
  volatile.base_image: 2dd611e2689a8efc45807bd2a86933cf2da0ffc768f57814724a73b5db499eac
  volatile.eth0.host_name: vethe8c1ff8b
  volatile.eth0.hwaddr: 00:16:3e:65:36:88
  volatile.idmap.base: "0"
  volatile.idmap.current: '[{"Isuid":true,"Isgid":false,"Hostid":1000000,"Nsid":0,"Maprange":1000000000},    {"Isuid":false,"Isgid":true,"Hostid":1000000,"Nsid":0,"Maprange":1000000000}]'
  volatile.idmap.next: '[{"Isuid":true,"Isgid":false,"Hostid":1000000,"Nsid":0,"Maprange":1000000000},    {"Isuid":false,"Isgid":true,"Hostid":1000000,"Nsid":0,"Maprange":1000000000}]'
  volatile.last_state.idmap: '[]'
  volatile.last_state.power: RUNNING
devices:
  gpu:
    type: gpu
  pulse:
    bind: container
    connect: unix:/run/user/1000/pulse/native
    listen: unix:/mnt/.pulse-native
    mode: "0666"
    security.gid: "1000"
    security.uid: "1000"
    type: proxy
  x11:
    bind: container
    connect: unix:@/tmp/.X11-unix/X0
    listen: unix:@/tmp/.X11-unix/X0
    security.gid: "1000"
    security.uid: "1000"
    type: proxy
ephemeral: false
profiles:
- default
stateful: false
description: ""

変更点 ¶

バックアップ API の一貫性 ¶

このリリースには小さな API の非互換性が含まれています。しかし、既存のツールで使われている LXD API の一部ではないため、ユーザーに影響を与える可能性は非常に低いです。

次のようなリネームがされています:

• creation_date が created_at に（Go バインディングで CreateAt）
• expiry_date が expires_at に（Go バインディングで ExpiresAt）

これにより、タイムスタンプを公開する他のエンドポイントとの API の一貫性が保たれます。

新しいドキュメントサイト ¶

新しいドキュメントサイトが公開されました: https://linuxcontainers.org/lxd/docs/master/

LXD を使いやすくするために、より良いタイトルとトピックのグルーピングに取り組みました。 すべてのコンテンツは、開発リポジトリの doc ディレクトリから直接生成されているので、誰でも Github 上で更新を簡単に送れます。

Windows/MacOS ユーザーの使い勝手の改良 ¶

Windows と MacOS では LXD デーモンが動かないにもかかわらず、LXD クライアントの Windows と MacOS ビルドはデフォルトでリモートが local を向いています。

これまでは、これが原因でユーザーが混乱する場合がありました。このため、このような Unix ソケットに関する混乱するエラーを表示するのではなく、次のような表示をするようになりました:

C:\Users\stgraber>lxc list
This client hasn't been configured to use a remote LXD server yet.
As your platform can't run native Linux containers, you must connect to a remote LXD server.

If you already added a remote server, make it the default with "lxc remote switch NAME".
To easily setup a local LXD server in a virtual machine, consider using: https://multipass.run

final dqlite 1.0 への移植 ¶

dqlite 1.0 final がリリースされました。リリース作業の一部で、多数の改良と小さなデザインの変更が行われました。 LXD 3.17 はこの final 1.0 バージョンをベースにしています。

データベースの見直し ¶

このリリースでは、内部的なデータベースの再編成がいくつか行われています。 containers テーブルはすべて instances にリネームされ、スナップショットは独自の instances_snapshots テーブルに分割されました。これにより、スキーマを通して一貫性を強制するのが容易になりました。

もし、直接データベースを見るカスタムスクリプトがあるのであれば、これに対応した更新が必要になるでしょう。

コンテナデバイスの再実装 ¶

LXD 3.17 で、すべてのデバイスを扱うコードを分割し、よりモジュール構造とし、コーディングパターンとテストを改良する取組を終了します。LXD 3.16 には nic、infiniband、proxy デバイスが移植され、3.17 には unix-char、unix-block、usb、gpu、disk が移植され、完成しました。

ストレージの再実装 ¶

このリリースには、ストレージバックエンドの一部をクリーンアップする最初のコミットセットが含まれています。そして、デバイスの再実装と同様に、すべてのストレージバックエンドを新しいクリーンな構造に移行し始めます。

バグ修正（翻訳なし） ¶

• client: Use PathEscape rather than QueryEscape for URL part parts
• doc: Add documentation metadata
• doc: Add required property to disk device type
• doc: Update infiniband hwaddr docs
• doc: Update NIC MTU descriptions
• doc/server: Add missing key namespaces
• doc/server: Add scope column
• doc/server: Fix defaults for rbac
• doc/storage: Clarify defaults for size
• global: Remove accidentally included lxc.exe
• i18n: Update translations from weblate
• i18n: Update translation templates
• lxc: Better error handling on non-Linux
• lxc: Don't show header in CSV output
• lxc: Just show help on missing subcommand
• lxc: Update for fixed backup fields
• lxc/config: Detect non-Linux systems
• lxc/copy: Really always strip volatile.last_state.power
• lxc/file: Fix error handling
• lxc/file: Intercept user cancelation
• lxc/init: Fix usage with no args
• lxc/remote: Add basic auth example
• lxc-to-lxd: Remove dependency of lxd/device/config package
• lxc-to-lxd: Remove dependency on deviceConfig package
• lxd: Add call to devicesRegister function on startup
• lxd: Add unit test for creating a snapshot
• lxd: Check RemoveAll() error properly
• lxd: Remove MS_LAZYTIME definition
• lxd: Reorganised the uevent and inotify event handler startup
• lxd/apparmor: Prevent writes to /proc/acpi/**
• lxd/backup: Call tar with --numeric-owner
• lxd/containers: Add DeviceEventHandler
• lxd/containers: Add DeviceEventHandler to interface
• lxd/containers: Add deviceHandleMounts to handle mount and unmount
• lxd/containers: Add safety net for deviceStop() in case no device returned
• lxd/containers: Fix description
• lxd/containers: Fix inotify dynamic hotplug on existing container start
• lxd/containers: Further switchover to lxd/device/config Device types
• lxd/containers: Improve error messages
• lxd/containers: Modify deviceStop and deviceRemove to skip validation errors
• lxd/containers: Move device folder creation before device setup during boot
• lxd/containers: Move disk device to use device package
• lxd/containers: Move missing device type validation into device package
• lxd/containers: Remove deviceAttachMounts
• lxd/containers: Remove device Register() after device start
• lxd/containers: Remove gpu validation as moved to device package
• lxd/containers: Remove old moved rootfs quota code
• lxd/containers: Remove reference to non-existent infiniband nictype
• lxd/containers: Remove unused arg from deviceAddCgroupRules
• lxd/containers: Remove unused setupUnixDevice()
• lxd/containers: Remove unused unix-char and unix-block code
• lxd/containers: Remove unused unix-char and unix-block validation
• lxd/containers: Remove unused USB code
• lxd/containers: Remove unused USB related code
• lxd/containers: Remove volatile device keys when device is actually removed
• lxd/containers: Rename runConfig vars to runConf for consistency
• lxd/containers: Simplify device validation now all devices are ported
• lxd/containers: Supply all old devices to device Update() function
• lxd/containers: Update all device major/minor parsing to use uint32
• lxd/containers: Update deviceShiftMounts to ignore unmount requests
• lxd/containers: Update deviceStart to call device's Register() function
• lxd/containers: Update gpu device support to use device package
• lxd/containers: Update use of shared.RunCommandSplit
• lxd/containers: Use shared.GetRootDiskDevice for dup root device detection
• lxd/db: Adapt lxd/cluster to new dqlite sub-packages
• lxd/db: Adapt lxd/cluster to Server -> Node rename
• lxd/db: Adapt lxd/db/cluster to Server -> Node rename
• lxd/db: Adapt lxd/db package to new dqlite driver import
• lxd/db: Adapt lxd/db to new dqlite driver package
• lxd/db: Adapt lxd/db to Server -> Node rename
• lxd/db: Adapt main package to new dqlite sub packages
• lxd/db: Adapt main package to Server -> Node rename
• lxd/db: Adapt to changed dqlite.New() signature, not requiring NodeInfo
• lxd/db: Adapt to new Server.Leader() API
• lxd/db: Add basic unit tests for generated snapshot code
• lxd/db: Add copy of cluster schema version 14
• lxd/db: Add Delete and Rename methods to Snapshot db model
• lxd/db: Add Dump parameter to db.OpenCluster()
• lxd/db: Add initial Snapshot db model
• lxd/db: Add project column to views
• lxd/db: Add schema update 16 adding the instances_snapshots table
• lxd/db: Add schema update function to rename containers-related tables
• lxd/db: Add type column to images table
• lxd/db: Amend InstanceFilter docstring
• lxd/db: At shutdown, wait a bit for the in-flight force request to settle
• lxd/db: Change container special-casing in db code generator
• lxd/db: Change db code generator to comply with Go naming standards
• lxd/db: Convert containerCreateInternal to use InstanceSnapshotCreate()
• lxd/db: Convert dump to new client API
• lxd/db: Create instances_snapshots_config in schema update 16
• lxd/db: Create instances_snapshots_config_ref view
• lxd/db: Create instances_snapshots_devices_config in schema update 16
• lxd/db: Create instances_snapshots_devices in schema update 16
• lxd/db: Create instances_snapshots_devices_ref view
• lxd/db: Detect possible leadership change through ougoing dqlite connections
• lxd/db: Drop obsolete snapshot-related tests
• lxd/db: Drop Parent filter from Instance
• lxd/db: Drop unneeded logic to relink snapshots to new nodes
• lxd/db: Drop unused Container and ContainerFilter structs
• lxd/db: Extract configUpdate method from ContainerConfigUpdate
• lxd/db: Fix failing unit test
• lxd/db: Fix selecting NULL description columns
• lxd/db: Generate Snapshot db mapping code
• lxd/db: Improve dqlite proxy error messages and abort both sides on error
• lxd/db: Invoke data migration from db.OpenCluster, before schema updates
• lxd/db: Make the db code generator handle indirect foreign key
• lxd/db: Migrate snapshots to the new tables
• lxd/db: No need to manually bootstrap
• lxd/db: Pass a context to server.Cluster()
• lxd/db: Properly account for project when moving ceph-based containers
• lxd/db: Regenerate db code
• lxd/db: Re-generate db mapper code
• lxd/db: Regenerate db mappers code
• lxd/db: Regenerate db schema
• lxd/db: Regenerate global db schema
• lxd/db: Remove legacy unit test making use of old snapshot apis
• lxd/db: Replace references to the "containers" table with "instances"
• lxd/db: Skip clustering-related unit tests, see issue #6122
• lxd/db: Update db code generator to handle composite entity names
• lxd/db: Update top-level daemon package to new auto-generated method names
• lxd/db: Update unit tests after containers -> instances conversion
• lxd/db: Use Client.Add() API
• lxd/db: Use Client.Cluster() API
• lxd/db: Use Client.Leader() API
• lxd/db: Use Client.Remove() API
• lxd/db: Use correct db APIs depending on the container type
• lxd/db: Use new LeaderAddress() api
• lxd/db: Use new snapshot db APIs in ClusterTx.SnapshotIDsAndNames()
• lxd/db: Use new snapshots APIs in ContainerGetSnapshotsFull
• lxd/db: Use new snapshots tables in ContainerNextSnapshot()
• lxd/db: Use new snapshot tables in Cluster.ContainerGetSnapshots()
• lxd/db: Use new snapshot tables in daemon patches
• lxd/db: Use query.Transaction instead of manual tx management
• lxd/db: Use WithServerBindAddress
• lxd/devices: Add Register function and links USB implementation
• lxd/devices: Change Update() to accept all old devices
• lxd/devices: Fix dynamic hotplug of unix devices when they exist on startup
• lxd/devices: Link gpu device
• lxd/devices: Link up disk device
• lxd/devices: Link up unix-char and unix-block devices
• lxd/devices: Modify New function to return device even if validation fails
• lxd/devices: Move empty device type validation into device package
• lxd/devices: Move USB event handling into device package
• lxd/devices: Remove disk related functions
• lxd/devices: Remove gpu related code moved to device package
• lxd/devices: Remove inotify code
• lxd/devices: Rename USBDevice to USBEvent
• lxd/devices: Update sorted devices usage
• lxd/devices: Update use of Device type
• lxd/devices/config: Change Devices type to map[string]Device
• lxd/devices/config: Make device set sorting exported
• lxd/devices/config: Replace DeviceNames() with Sorted() and Reversed()
• lxd/devices/config/validate: Move function to be attached to Device type
• lxd/devices/device: Link up none device type
• lxd/devices/device/utils/usb/events: Add USB event handler functions
• lxd/devices/device/utils/usb: Move bits into usb and device_utils_usb_events
• lxd/devices/disk: Add disk device implementation
• lxd/devices/disk: Add StorageVolumeMount and StorageVolumeUmount functions
• lxd/devices/disk: Add validation for root disk having a pool property
• lxd/devices/disk: Link StorageRootFSApplyQuota
• lxd/devices/gpu: Add gpu implementation
• lxd/devices/gpu: Move nvidia device loading to use resources package
• lxd/devices/gpu: Update all device major/minor parsing to use uint32
• lxd/devices/gpu: Update unix function usage
• lxd/devices/gpu: Use device package validation functions
• lxd/devices/gpu: Validate vendorid and productid
• lxd/devices/infiniband: Add IB MAC functions
• lxd/devices/infiniband: Remove unused code after switch to resources package
• lxd/devices/infiniband: Update use of unix functions
• lxd/devices/infiniband: Workaround weird sysfs behavior
• lxd/devices/infiniband/physical: Improve MAC address support
• lxd/devices/infiniband/physical: Switch to use resources package
• lxd/devices/infiniband/physical: Update unix function usage
• lxd/devices/infiniband/physical: Update use of unix device functions
• lxd/devices/infiniband/sriov: Improve MAC address support
• lxd/devices/infiniband/sriov: Switches to use resources package
• lxd/devices/infiniband/sriov: Update unix function usage
• lxd/devices/infiniband/sriov: Update use of unix device functions
• lxd/devices/inotify: Move inotify functions to device package
• lxd/devices/instance: Add DeviceEventHandler function
• lxd/devices/instance: Add LocalDevices() to interface
• lxd/devices/instance: Add RootfsPath() to InstanceIdentifier interface
• lxd/devices/network: Add networkValidMAC
• lxd/devices/network: MTU inheriting from parent on bridged devices
• lxd/devices/network: Remove NetworkSRIOVGetFreeVFInterface
• lxd/devices/nic: Update bridged and p2p types to new Update signature
• lxd/devices/nic: Update nic validation of hwaddr
• lxd/devices/nic/bridged: DHCP release fixes
• lxd/devices/nic/sriov: Add getFreeVFInterface after moving from shared utils
• lxd/devices/none: Add none device type
• lxd/devices/proxy: Update validation to use d.instance.ExpandedDevices()
• lxd/devices/proxy: Use device package validation functions
• lxd/devices/runconfig: Add RootFS support
• lxd/devices/runconfig: Add Uevents slice
• lxd/devices/runconfig: Change mount Shift to OwnerShift
• lxd/devices/runconfig: Fix typo in comment
• lxd/devices/unix: Add implementation for unix-char and unix-block devices
• lxd/devices/unix: Add unix event handling functions
• lxd/devices/unix: Clarify required property logic
• lxd/devices/unix: Comment clarification
• lxd/devices/unix: Device management function rework
• lxd/devices/unix: Ensure unix devices are mounted with MountOwnerShiftStatic
• lxd/devices/unix: Fix double device name encoding in file name
• lxd/devices/unix: Make unixDeviceAttributes unexported
• lxd/devices/unix: Move some config validation functions into device package
• lxd/devices/unix: Update all device major/minor parsing to uin32
• lxd/devices/unix: Update device removal functions to accept file filter
• lxd/devices/unix: Update use of unixDeviceAttributes
• lxd/devices/unix: Various small improvements
• lxd/devices/usb: Add unexported usbIsOurDevice and switch to USBEvent
• lxd/devices/usb: Add USB device implementation
• lxd/devices/usb: Add USB event handling functions
• lxd/devices/usb: Clarify required property logic
• lxd/devices/usb: Remove unused function
• lxd/devices/usb: Update Register() to be called by post start hook
• lxd/dnsmasq: Update version check to use shared.RunCommandCLocale
• lxd/main_forkuevent: Fix error when >3 arguments used (normal case)
• lxd/migration: Remove unused Snapshots() function from interface
• lxd/networks: Handle error from dnsmasq version check
• lxd/networks: Remove old dnsmasq.leases file on network start
• lxd/patches: Update sorted devices usage
• lxd/projects: Remove dependency on deviceConfig package
• lxd/response: Show wrapped errors
• lxd/seccomp: Update use of shared.RunCommandSplit
• lxd/storage: Add storageRootFSApplyQuota
• lxd/storage: Add storageVolumeMount and storageVolumeUmount
• lxd/storage: Fix bad UsedBy check
• lxd/storage: Move btrfs migration code
• lxd/storage: Move ceph migration code
• lxd/storage: Move ContainerGetParentAndSnapshotName to shared
• lxd/storage: Move ContainerPath() to storage package
• lxd/storage: Move Create{Container,Snapshot}Mountpoint to storage
• lxd/storage: Move get*MountPoint() to storage package
• lxd/storage: Move storage cgo to storage package
• lxd/storage: Move storage_utils to storage/utils
• lxd/storage: Move zfs migration code
• lxd/storage: Remove ContainerCanRestore from storage interface
• lxd/storage: Remove Image{Umount,Mount} from storage interface
• lxd/storage: Remove shared code from backends
• lxd/storage/lvm: Log actual error
• lxd/storage/quota: Move use of Major and Minor functions to unix package
• lxd/storage/zfs: Fix error reporting
• lxd/sys: Add CGroupBlkioWeightController check
• lxd: Update for fixed backup fields
• lxd: Update tests to use updated Devices type
• lxd: Update top-level unit-tests for DB changes
• lxd: Update use of Devices type
• lxd: Use unix.MS_LAZYTIME
• Makefile: Fix sqlite manifest path
• Makefile: Fix update-schema target
• shared: Handle symlinks in FileCopy()
• shared/api: Fix backup timestamps
• shared/container: Add IsDeviceID validation
• shared/container: Improve comments on IsRootDiskDevice
• shared/container: Move global hex regex into specific function
• shared/container: Remove device related validation functions
• shared/containerwriter: Updates use of GetFileStat
• shared/simplestreams: Make golint clean
• shared/simplestreams: Record all images
• shared/simplestreams: Remove dead code
• shared/simplestreams: Rename index structs
• shared/simplestreams: Rename internal functions
• shared/simplestreams: Rename product structs
• shared/simplestreams: Rename SimpleStreamsFile
• shared/simplestreams: Rename ssDefaultOS
• shared/simplestreams: Split index/manifest out
• shared/simplestreams: Split out sortedImages
• shared/util: Add RunCommandCLocale() and update RunCommandSplit()
• shared/util: Remove Major and Minor functions
• tests: Add golint for storage package
• tests: Add infiniband MAC tests
• tests: Add more bridged DHCP release tests
• tests: Add proxy tests for invalid config
• tests: Add GPU tests
• tests: Add simplestreams to golint
• tests: Add storage quota tests
• tests: Add test for bridged MTU parent inheritance
• tests: Add test for ipvlan MTU parent inheritance
• tests: Add test for macvlan MTU parent inheritance
• tests: Add tests for unix-char and unix-block devices
• tests: Enable quota checks for ceph engine
• tests: Fix broken lxd import integration test
• tests: Fix CEPH RBD leakage
• tests: Fix typo in comment
• tests: Remove MAC tests from infiniband tests
• tests: Remove the attached testvolume
• tests: Remove tmpfs references from gpu tests
• tests: Remove use of uppercase chars in MAC tests
• tests: Split server tests
• tests: Update backup test for new error
• tests: Update integration tests for DB changes