Linux Containers - LXD - ニュース

21st of June 2019

はじめに ¶

LXD チームは LXD 3.0.4 のリリースをお知らせできることをうれしく思います！

Stable に対するバグフィックスのリリースですので、大きな変更はありません。バグフィックスと細かな使い勝手の改良にフォーカスしています。

ハイライト ¶

マイグレーション機能のネゴシエーション ¶

マイグレーション時に rsync と ZFS のオプションをネゴシエートするようになりました。これにより異なる LXD やホスト OS のバージョン間での移動時に、コンテナマイグレーションの問題を防げるようになりました。

進捗報告が表示されるコマンドの追加 ¶

lxc launch や lxc publish などのいくつかのコマンドで、進捗情報が表示されるケースが増えました。

バグ修正 ¶

fix newline error in ja.po
test: Support AppArmor policy cache directory
lxd: Fix AppArmor cache policy version check
lxd/storage: user_subvol_rm_allowed for btrfs
lxd/containers: Improve hwaddr retry logic
lxd/storage/zfs: Detect tool version on Ubuntu
lxd/db: Fix unit test not actually checking error
lxd/db: Fix typo in existing docstring
lxd/migration: Bi-directional rsync negotiation
lxd/migration: Negotiate ZFS compression
lxd/migration: Simplify MigrationSource
lxd/migration: Simplify StorageMigrationSink
lxd/migration: Simplify MigrationSink
tests: Always pass -w to iptables
lxd/migration: Cleanup feature negotiation
shared: Fix import order
lxd/init: Fix typo
shared/termios: Add shim for non-cgo builds
lxd/storage/lvm: Run pvremove on VG deletion
tests: Bump size to 120MB for btrfs
shared/idmap: Workaround Go tip change
client: convert EventListener to use api.Event
client: Fix crash on missing ProgressTracker
shared: Fix windows cert handling
lxd/proxy: Improve shutdown code
lxd/migration: Re-spawn proxy devices
lxd/migration: Fix shutdown race
lxd/db: Make ContainerSetState use single query
tests: Improve live-migration tests
lxd/storage_zfs_utils: Add zfsPoolVolumeExists
lxd/cluster: Tweak error messages
Updated documentation of /cluster/members/ to have correct keys
lxd/init: Checks if a zfs storage pool or dataset exists
README: Update doc links
shared/util: Export DownloadFileHash
client: Use exported DownloadFileHash
tests: Add env variable to skip static analysis
tests: Remove sleep in console test
tests: Reduce delays in devlxd test
tests: Speed up basic tests
tests: Reduce sleep in network test
tests: Reduce teardown delays
tests: Drop startup sleep for cluster
lxc/monitor: Fix rendering
shared: Read certificates from host
lxd/cluster: Fix schema upgrades
image-handling.md: 'release' should be a string and not a list
doc: Cleanup security.md
lxd/containers: Adapt to go-lxc Release
lxc: Fix image list help
client: Properly reset listener on error
shared/osarch: Add armhfp (centos)
doc: Document btrfs resize
lxd/containers: Fix lxc.mount.entry for musl
client: Strip trailing slashes in URLs
lxd/apparmor: Tweak default set of rules
*: Rename {Creation,LastUsed}Date to {Created,LastUsed}At
tests: Tweak fdleak test
lxd: Add internal command to trigger GC
shared: Properly handle uncompressed tarballs
lxd/containers: Always delete container on create error
lxd/containers: Fix disk limits at creation
tests: Fix negative tests in basic.sh
tests: Fix negative tests in config.sh
tests: Fix negative tests in database_update.sh
tests: Fix negative tests in devlxd.sh
tests: Fix negative tests in external_auth.sh
tests: Fix negative tests in idmap.sh
tests: Fix negative tests in pki.sh
tests: Fix negative tests in remote.sh
tests: Fix negative tests in serverconfig.sh
tests: Fix negative tests in sql.sh
tests: Fix negative tests in storage.sh
tests: Fix negative tests in storage_driver_ceph.sh
tests: Fix negative tests in storage_local_volume_handling.sh
tests: Fix negative tests in storage_profiles.sh
tests: Fix negative tests in storage_volume_attach.sh
tests: Fix negative tests in template.sh
tests: Fix bad test in external_auth
tests: Fix bad test in sql
tests: Fix bad test in storage
tests: Fix volume list in cluster
lxd/storage: Fix validation of CEPH config
tests: Fix container leak
lxd/storage/ceph: Unmap volume after creation
lxd/storage/ceph: Create custom mountpoints if missing
lxd/containers: Call storage unmount on detach
lxd/storage/ceph: Unmap on unmount
lxd/migration: Fix race in abort
lxd/migration: Handle crashing rsync
lxd/migration: Fix sender side errors handling
lxd/storage: Fix broken error handling
lxd: finish converting events to api.Event
lxd/storage: Freeze containers during rsync
tests: Reduce sleeps in proxy tests
tests: Reduce clustering delays
i18n: Fix duplicate language
doc: Clarify measurement units
lxd: Send metadata in CreateImage error response
lxd: Fix possible segfaults in tasks
lxd: Send metadata in CreateImage error importing image
lxd/images: change compressFile to take io.Reader and io.Writer
lxd/images: calculate sha256 as image is written
shared.Unpack: Add support for a ProgressTracker during unpack
storage: Add ioprogress.ProgressTracker field to storage
lxd: Send progress info for export and import operations
shared: Progress metadata as a map
tests: Fix negative tests in clustering.sh
tests: Fix negative tests in migration.sh
tests: Fix negative tests in security.sh
tests: Fix bad test in clustering
images: Tar and compress in a combined stream when packing an image
i18n: Update translation templates
tests: Fix bad test in security
lxd/cluster: Fix config test
shared/osarch: Add gentoo armhf variant
fix variable in range
lxd/db: Fix tests for current go-sqlite3
lxd/storage: Drop unused function
lxd/network: Rework IP validation functions
lxd/containers: Validate ipv4/ipv6 address
lxd/network: Reword sysctl network functions
lxd/containers: Skip interface removal if missing
client: Add UpdateContainerSnapshot
client: Support overriding pool when importing backups
shared/api: Support updating container snapshots
lxd/containers: Update for ContainerSnapshot
client: fix goroutine leak in ExecContainer
shared/osarch: Add ArchLinux name for armv7
lxd: remove /proc/self/cmdline parsing
Revert "lxd: remove /proc/self/cmdline parsing"
nsexec: make cmdline parsing more reliable
lxd/storage/lvm: Call wipesignatures
config: Keep candid domains and cookies per-remote
lxc: Update for per-remote candid domain/cookies
tests: Update godeps
lxd/containers: Set liblxc env for CVE-2019-5736
lxd/storage/ceph: Rework df handling
lxc/remote: Tweak remote list
shared: Tweak progress metadata
lxd: Set correct progress data for backup/publish
lxc/publish: Add progress reporting
shared/api: Add snapshot expiry configuration on create
client: Add snapshot expiry configuration on create
i18n: Update translation templates
lxc/publish: Fix bad cherry-pick
lxd: copy C smarts from LXC into lxd/include/
nsexec: cleanup macros do_setns
nsexec: cleanup macros in_same_namespace
nsexec: cleanup macros attach_userns
nsexec: cleanup macros file_to_buf
devlxd_gccgo: initialize to 0
network: include macro.h
checkfeature: cleanup macros netns_set_nsid
forkfile: cleanup macros manip_file_in_ns
storage_cgo: include macro.h
storage_cgo: cleanup macros find_associated_[...]
storage_cgo: cleanup macros get_un[...]_legacy
storage_cgo: cleanup macros get_unused_loop_dev
storage_cgo: cleanup macros prepare_loop_dev
shift_linux: cleanup macros shiftowner
util_linux_cgo: cleanup macros lxc_abstract_[...]
Revert "client: fix goroutine leak in ExecContainer"
util_linux_cgo: restore old behavior
lxc/exec: Cleanup terminal logic
client: Empty stdin channel on exec completion
lxc/list: Fix multiple filters
lxd/main_nsexec: Fix type of length in file_to_buf
Use capital case in error messages returned by db.NodeInfo.IsEmpty()
db.NodeInfo.IsEmpty(): a node with custom volumes is not empty
Add integration test checking that nodes with custom volumes can't be removed
Prompt for confirmation when using --delete to remove a server
lxc/monitor: Don't directly use Exit
lxc/console: Remove unused code
lxc: Improve error handling in execIfAliases
lxc/exec: Don't use Exit
lxc/remote: Use candid if supported
Add first stab at FAQ
doc: Fix typos in faq.md
lxd/response: Simplify SmartError
lxc/info: Add targeting to 'lxc info'
lxc/storage: Add targeting to 'lxc storage info'
lxd: Fix targeting for /1.0 and /1.0/resources
shared/api: Add Location to NetworkLeases
lxd/migration: Fix handling of missing profiles
terminal: do not chown master fd
shared/api: Drop StoragePool from Resources struct
lxd/resources: Fix bad CPU reporting
doc: Inform about ZFS pool default compression
shared: Switch ParseNumberFromFile to simple read
shared/api: Add CPU socket to resources
shared/api: Add GPU to Resources
lxd/devices: Cleanup GPU structs
shared/idmap: Use separate uid and gid entries
lxd-p2c: Workaround for broken /proc/self/exe
simplestreams: Align JSON struct for index.json
shared/api: Add more GPU info
network: Bring mtu device up
lxd: Don't leak netlink fds
shared/api: Add Location field to operations
shared/api: Add NUMA information to resources
shared/api: Add KernelFeatures
shared/api: Sort ServerEnvironment struct
lxd/cluster: Workaround new raft logging
simplestreams: Align JSON struct for images.json
Fix typo in faq.md
Tweak markdown format in storage.md
lxc/action: skip containers with intended state
lxd/storage/ceph: Fix copying existing volume snap
lxd/storage: Rename shiftRootfs to initialShiftRootfs
lxd/containers: Use LXC hook version 1
lxd/containers: Fix owner/mode of container path
lxd/storage: Rename ShiftIfNecessary to resetContainerDiskIdmap
lxd/storage: Remove setUnprivUserACL
lxc/launch: Show start progress
lxd/containers: Implement new idmap functions
lxd/containers: Port to new idmap functions
doc: Introduce volatile.idmap.current
lxd/migrate: Shift CRIU files to current map
lxd/containers: Cleanup template application
lxd/containers: Properly handle tar shifting
lxd/containers: Handle mid-remap containers
lxd/containers: Stop proxy before storage
shared/api: Add Location field to api.Event
client: Properly generate events URL
client: Optimize copies on same nodes
shared/osarch: Add Plamo x86 arch
lxd/internal: Have GC endpoint release memory
lxd/cluster: Export Snapshot function
lxd/internal: Expose raft-snapshot
tests: Allow up to 15s for container reboot
lxd/tasks: Avoid races on startup
lxc/config: Use shared.IsSnapshot
shared/osarch: Add i586 to arch aliases
client: Don't crash on missing stdin
shared/api: Extend StorageVolumePost
client: Consider volumeOnly option when migrating
client: Copy volume config and description
client: Fix copying between two unix sockets
client: Fix copy from snapshot
client: Add support for cluster_internal_copy
shared/api: Add lxc_features
shared/idmap: Add comparison function
shared: Fix Windows build
shared/network: Fix reporting of down interfaces
shared/getifaddrs: Export peer link id
shared/network: Get HostName field when possible
shared: Adds StringMapHasStringKey helper function
shared: handle SCM_CREDENTIALS when receiving fds
shared: add AbstractUnixReceiveFdData()
shared: fix $SNAP handling under new snappy
checkfeature: cleanup macros is_netnsid_aware
forkmount: cleanup macros
misc(rest-api.md): formatting
lxc/info: Show snapshot expiry
lxd/backup: Re-order checks for backup.yaml
lxc/config: Add targeting to 'lxc config'
lxd/containers: Export container location
lxd/storage/lvm: Pass nouuid for xfs backups
lxd/operations: Fill the Location field
lxc/operation: Show location column
lxd/cluster: Initialize candid on join
lxd/storage/ceph: Always unmap after use
lxd: Add username/fingerprint to request context
lxd: Cleanup authentication code
lxd: Drop initialShiftRootfs and always shift on start
lxd: Port to new idmap functions
api: Add id_map_current API extension
lxd/containers: Cleanup shifting
vendor: Temporary Raft vendoring
tests: Ignore vendor/
i18n: Update translation templates
lxd/storage/zfs: Run rename in clean mntns
lxd/cluster: Limit log message forwarding
lxd/images: Don't keep an in-memory simplestreams cache
patches: Fix names of pool volume LVs
lxd/patches: Fix LVM VG name
lxd/images: Fix simplestreams cache expiry
lxd/storage/ceph: Don't mix stderr with json
lxd/storage: Fix error message on differing maps
lxd/container: Moves network limits to be run as a network up hook rather than container start hook
lxd/container: removes unused arg from network limits function
forkproxy: make logfile close on exec
forkproxy: use standard macros on exit
lxd/db: Properly handle unsetting keys
lxd: More reliably grab interface host name
lxc/utils: Updates progress to stop outputting if msg is longer than window
lxd/candid: Cleanup config handling
lxd/cluster: Bump heartbeatInterval to 10s
lxd/cluster: Spread hearbeats in time
netns_getifaddrs: adapt to kernel changes
lxd/container: Only runs network up hook for nics that need it
test: Updates config tests to use host_name for nic tests
lxd/container: Changes disable_ipv6=1 to accept_ra=0 on host side interface
doc: Adds missing packages to install guide
lxd/profile: Port to APIEndpoint
lxd/internal: Port to APIEndpoint
lxd/cluster: Port to APIEndpoint
lxd/event: Port to APIEndpoint
lxd/daemon: Port to APIEndpoint
lxd/storage: Handle XFS with leftover journal entries
lxd/certificates: Make certificate add more robust
doc: Correct host_name property
lxd/storage/btrfs: Don't make ro snapshots when unpriv
lxd/containers: Don't needlessly mount snapshots
lxd/containers: Avoid costly storage calls during snapshot
lxd/cluster: Avoid panic in Gateway
lxd/cluster: Use current time for hearbeat
lxd/cluster: Fix race condition during join
lxd/images: Properly handle invalid protocols
network: Fixes custom MTU not being applied on hot plug
lxd/db: Fix bad test
tests: Fix race condition in proxy test
lxd: Use idmap.Equals
lxd/proxy: Fix goroutine leak
forkproxy: Retry epoll on EINTR
forkproxy: make helpers static
lxd: Rename parseAddr to proxyParseAddr
lxd/api: Rename serverResources to api10Resources
lxd/api: Rename snapshotHandler to containerSnapshotHandler
lxd/api: Rename operation functions for consistency
lxd/proxy: Drop unused function
lxd: Have Authenticate return the protocol
lxd: Don't allow remote access to internal API
lxd/migration: Fix feature negotiation
lxd/api: Rename certificateFingerprint to certificate
lxd/certificate: Port to APIEndpoint
lxd/resource: Port to APIEndpoint
lxd/operation: Port to APIEndpoint
lxd/api: Rename alias commands to imageAlias
lxd/api: Replace Command with APIEndpoint
lxd/storage: Port to APIEndpoint
lxd/network: Port to APIEndpoint
lxd/container: Port to APIEndpoint
lxd/image: Port to APIEndpoint
lxd/api: Handle AccessHandler
lxd/storage/ceph: Fix snapshot of running xfs/btrfs
lxd/containers: Be consistent with timestamps
lxd/db: Introduce ContainerConfigUpdate
lxd/containers: Don't diff go-lxc structs
lxd/network: Log failures to reload
lxd: Don't start on migration
api/cluster: Fixes missing return on SmartError
container/metadata: Fixes missing return on InternalError
doc: Clarify API security and options to restrict
Trigger the upgrade script if we detect a dqlite client with higher version
lxd/storage/ceph: Fix UUID re-generation
lxd/storage/ceph: Fix snapshot of running containers
lxd/containers: Speed up simple snapshot list
lxd/storage/ceph: Only rewrite UUID once
lxd/sys: Cleanup State struct
shared: Move network cgo to shared/netutils
shared/netutils: Move send/recv fd functions
test: Added more tests for container nics
lxd/containers: Replace ConfigKeySet with VolatileSet
test: Updates physical tests to detect MTU support in LXC
test: Updates macvlan tests to detect MTU support in LXC
lxc/move: Start container when appropriate
doc: Add section on container security
doc: s/HTTPs/HTTPS/g
doc: Remove mention of RBAC
doc: Re-structures container nic docs into each nic type
test: Re-works nic p2p and bridged tests to check for static routes working
lxd/container: Re-work limits handling
tests: Remove route testing
container/lxc: Records hotplugged p2p/bridged nic's host_name into volatile data
container/lxc: Runs network up hook for all p2p and bridged nics
container/lxc: Records host_name from LXC on p2p/bridged nic start
lxc/container: Removes unused getHostInterface()
lxd/networks: Fix ETag handling on clusters
container/lxc: Removes volatile host_name enrichment from fillNetworkDevice()
lxd/containers: Fix bad error
lxd/images fix compressErr return
lxd: Satisfy static analysis
lxc: Transition to golang.org/x/sys
lxd-p2c: Transition to golang.org/x/sys
lxd: Transition to golang.org/x/sys
shared: Transition to golang.org/x/sys
lxd/storage/btrfs: Delete any orphaned .ro snapshots See #5763 During a publish, a .ro subvolume snapshot copy is made whilst the original snapshot is set read-write. If lxd is killed before publish finishes, the *.ro copy can be left orphaned, and should be deleted when the associated snapshot is deleted.
This fixes #5804.
idmap: shift ro btrfs subvolumes
lxd/internal: Fix backup.Pool.Name check error message
Drop unless call to createContainerMountpoint
container: Adds OnStopNS() function that is run by LXC's stop hook feature
networks/utils: Adds networkGetDevMTU function
networks/utils: Adds networkGetDevMAC function
networks/utils: Adds networkSetDevMAC function
networks/utils: Adds networkSetDevMTU function
networks: Refactors fan mtu detection to use networkGetDevMTU
container/lxc: Adds snapshotPhysicalNic function
container/lxc: Stores mtu and mac of parent physical nic before start
container/lxc: Fix copy/paste error in error removeNetworkDevice
container/lxc: Adds detachInterfaceRename() function
container/lxc: Restores physical parent mtu and mac on device removal
doc: Updates volatile keys used for physical mtu and mac restoration
test: Tests for physical mtu and mac application and restoration
lxd/storage/btrfs: Fix qgroup handling
lxd/storage/btrfs: Fix argument ordering
container/lxc: Disables auto mac generation for sriov devices
tests: Always pass --force to stop/restart
checkfeature: remove unused variable
main: Fixes debug mode flag to actually enable debug mode
container/lxc: Adds error checking for calls to networkClearLease
networks/utils: Adds networkDHCPv4Release function
networks/utils: Adds networkDHCPv6Release function and associated packet helpers
networks/utils: Updates networkClearLease to use DHCP release helpers
container/lxc: Moves networkUpdateStatic during Stop with the other lease related code
networks: Starts dnsmasq with --no-ping option to avoid delaying lease file writes
tests: Adds DHCP lease release tests
lxd/networks: Adds --dhcp-rapid-commit when dnsmasq version > 2.79
tests: Make shellcheck happy
tests: Remove unused variable
lxd/containers: Fix cleanupHostVethDevices logic
lxd/storage/ceph: Fix bad cherry-pick from master
shared/termios: Fix port to sys/unix

サポートとアップグレード ¶

LXD 3.0.4 は 2023 年 6 月までサポートされる最新の LTS リリースです。利用可能になった最新のバグ修正リリースに更新することをお勧めします。

ダウンロード ¶

リリース tarball : lxd-3.0.4.tar.gz
GPG シグネチャ : lxd-3.0.4.tar.gz.asc

Contents

LXD 3.0.4 リリースのお知らせ

LXD 3.0.4 リリースのお知らせ¶