LXD

LXD#

LXD is a modern, secure and powerful system container and virtual machine manager.

It provides a unified experience for running and managing full Linux systems inside containers or virtual machines. LXD supplies images for a wide number of Linux distributions and is built around a very powerful, yet pretty simple, REST API. LXD scales from one instance on a single machine to a cluster in a full data center rack, making it suitable for running workloads both for development and in production.

LXD allows you to easily set up a system that feels like a small private cloud. You can run any type of workload in an efficient way while keeping your resources optimized.

You should consider using LXD if you want to containerize different environments or run virtual machines, or in general run and manage your infrastructure in a cost-effective way.

Get started#

To get a better idea of what LXD is and what it does, you can try it online! This interactive demo guides you through the basic steps of using LXD and shows how to launch and inspect your first instances, update the configuration, work with commands and files inside an instance and create snapshots.

Then, if you want to run LXD locally, take a look at our getting started guide for installation instructions.

Security#

Consider the following aspects to ensure that your LXD installation is secure:

  • Keep your operating system up-to-date and install all available security patches.

  • Use only supported LXD versions (LTS releases or monthly feature releases).

  • Restrict access to the LXD daemon and the remote API.

  • Do not use privileged containers unless required. If you use privileged containers, put appropriate security measures in place. See the LXC security page for more information.

  • Configure your network interfaces to be secure.

See Security for detailed information.

Important

Local access to LXD through the Unix socket always grants full access to LXD. This includes the ability to attach file system paths or devices to any instance as well as tweak the security features on any instance.

Therefore, you should only give such access to users who you’d trust with root access to your system.

Project and community#

LXD is free software and developed under the Apache 2 license. It’s an open source project that warmly welcomes community projects, contributions, suggestions, fixes and constructive feedback.

The LXD project is sponsored by Canonical Ltd.