News

LXD 4.20 has been released

6th of November 2021

Introduction

The LXD team is very excited to announce the release of LXD 4.20!

This is one very busy release with a lot of new features.

VM users will be happy to see the initial implementation of live migration and core scheduling support. Container users are getting new configuration keys to set sysctls.

Then the bulk of the new features are all network related with peer network relationships, network zones for auto-generated DNS and SR-IOV accelerated OVN networks.

And lastly, on the clustering front, it's now possible to better control what servers will be receiving new workloads.

Enjoy!

New features and highlights

Live migration of virtual machines

LXD now has initial support for live-migration of virtual machines.

This works by simply using lxc move to move between two separate LXD servers or lxc move --target to move within a cluster. Assuming the VM is running, live migration will be attempted.

Using this requires migration.stateful to be enabled on the VM which will prevent it from using GPUs, USB or host PCI devices as well as disable virtiofs (limiting filesystem passthrough to 9p).

The current implementation will effectively perform a stateful stop of the instance immediately followed with migration of the entire data (which will contain the runtime state) and restoration on the target.

This should just take 2-3s when using Ceph but can take significantly longer on other storage backends. We have work scheduled over the next 6 months to improve LXD's ability to very cheaply and quickly refresh volumes on BTRFS and ZFS which will then allow similar performance for those storage backends.

Network peering for OVN

When using OVN for LXD networking and multiple networks are defined, routing from one network to another currently exits OVN, hits the uplink network and then re-enters OVN. While this is sometimes desired to fully control the network flows, it can be a huge bottleneck.

To address this, LXD now supports network peers. A peer is added on each side of a pair of networks (can be across projects). Once the peer relation is established, OVN will be configured to directly route from one network to the other with traffic never leaving OVN.

Peer relations also allow for easier ACL rules, making it possible to use @some-network/some-peer in the source or destination field to affect traffic coming in or out of a specific peer network.

A new lxc network peer command is used to manage those peers relations.
At the API level, this is all under /1.0/networks/NAME/peers

Specification: https://discuss.linuxcontainers.org/t/lxd-ovn-network-to-network-routing/12165
Documentation: https://linuxcontainers.org/lxd/docs/master/network-peers

Network zones (DNS)

Those managing a large set of instances across many projects will often appreciate all instances having valid forward and reverse DNS records available on their entire network.

Up until now, the only option for this was to use the built-in dnsmasq DNS server and its auto-generated DNS zone but this only really works for one network in one project and doesn't easily integrate within a larger infrastructure. The alternative being to run a completely manually provisioned DNS server on the side.

With this release, LXD introduces the concept of network zones. Those are effectively DNS zones that are tied to LXD networks and can be used for forward DNS records, reverse IPv4 or reverse IPv6 DNS records.

To set it up, one would first create some zones (lxc network zone create), then assign them for the right type of records on the right networks by setting one of:
- dns.zone.forward
- dns.zone.reverse.ipv4
- dns.zone.reverse.ipv6

Lastly the zone must get configured with at least one peer DNS server. This is done using the following configuration keys on the zone itself:
- peers.NAME.address
- peers.NAME.key

Either one, or both, of those must be set for a client DNS server to be able to pull the zone from LXD.

Once that's all setup, your external DNS server can perform a zone transfer (AXFR) from LXD for that zone and then serve it. LXD itself only allows for zone transfers and cannot be directly queried.

Specification: https://discuss.linuxcontainers.org/t/lxd-built-in-dns-server/12033
Documentation: https://linuxcontainers.org/lxd/docs/master/network-zones

SR-IOV acceleration for OVN networking

To further improve the performance of OVN based networking on LXD, we have now added support for SR-IOV acceleration.

The way this works is by using physical network cards which can operate in switchdev mode. Such cards will then provide both a guest facing VF and a host facing representor port. When a system with a suitable card has it in switchdev mode, has the PF added to the OVS bridge and has OVS configured for SR-IOV offload, LXD can automatically allocate VFs for use by containers or VMs.

When all the prerequisites are met, all that needs to be done is set acceleration=sriov on the LXD nic device and LXD will do the rest.

This can lead to an extreme improvement in performance especially on 40G, 100G or 200G networks as it will effectively offload the bulk of the traffic processing directly onto the physical NIC. In such an environment only the first packet in most connections will ever go through the host system and OVS/OVN, all traffic after that point is directly handled in hardware.

Documentation: https://linuxcontainers.org/lxd/docs/master/instances#nic-ovn

Linux sysctl configuration on containers

A new linux.sysctl.* set of config keys has been introduced. This allows directly setting a specific sysctl to a specific value on container startup.

This can be more flexible than having a sysctl.d entry inside the container and can also enable accessing sysctls which are properly namespaced but require elevated privileges by having LXD apply those from the host.

Documentation: https://linuxcontainers.org/lxd/docs/master/instances#key/value-configuration

Core scheduling for virtual machines

Following our work on core scheduling for containers in LXD 4.19, we have now extended it to virtual machines. When running LXD on a kernel that supports core scheduling, LXD will automatically ensure that all vCPU threads for a particular VM are part of the same core scheduling group.

Core scheduling is designed to allow the use of SMT on CPUs that would otherwise be at risk of attack by the guest due to the Spectre vulnerabilities. Core scheduling ensures that a guest will either use a core/thread pair or that the thread will remain unused while the guest uses the associated core.

Cluster member configuration

Cluster members now have support for configuration keys.

Other than the free form user.KEY=VALUE, the other key being introduced is scheduler.instance which can be used to prevent a particular cluster member from getting automaticly placed instances, instead only getting instances that are directly placed on it through the --target option of the CLI.

Documentation: https://linuxcontainers.org/lxd/docs/master/clustering#managing-a-cluster

Improvement to network leases

As network leases are heavily relied upon for the new network zones feature, some improvements have been done.

Some of the improvements are:
- Support for network leases on OVN networks
- Uplink networks now showing up in the list of leases
- IPv6 EUI64 addresses included in the list (when stateful DHCPv6 isn't enabled)

On the CLI, those records can be seen with lxc network list-leases NETWORK-NAME

Complete changelog

Here is a complete list of all changes in this release:

Full commit list
  • lxd/certificates: remove explicit calls to UpdateCertificateProjects
  • lxd/db/certificates: remove Cluster.UpdateCertificateProjects
  • lxd/db/generate/db/method: fill entity id association tables on create/update
  • lxd/db/certificates.mapper: update generated code
  • lxd/checkfeature: check whether the kernel supports core scheduling
  • lxd/daemon: Fix crash on lxd start when another lxd already running
  • lxd/daemon: Don't fail shutdown if fail to close cluster DB
  • lxd/daemon: Don't use Infof and Errorf
  • lxd/metrics: Change ProcsTotal to gauge
  • lxd/instance/drivers: Log metrics failures
  • lxd-agent: Log metrics failures
  • lxd/instance/operationalock: Change lock from using instance ID to use project and instace name
  • lxd/instance/operationalock: Use %q for error quoting
  • lxd/instance/operationlock: Get lock after checking for non-nil operation
  • lxd/instance/drivers/driver/common: operationlock usage
  • lxd/instance/drivers/driver/lxc: operationlock usage
  • lxd/instance/drivers/driver/qemu: operationlock usage
  • lxd/instance/instance/utils: operationlock usage
  • lxd-agent: Drop aggregated cpu stats in metrics
  • test: Kill LXD process if doesn't start in time
  • lxd/main/shutdown: Fix shutdown regression when running in snap
  • lxc: suggest 20.04 as the first container to launch instead of 18.04
  • lxc: switch from 18.04 to 20.04 for examples of Ubuntu instances
  • i18n: Update translation templates
  • lxc: update wording when a cert is successfully trusted by a remote
  • i18n: Update translation templates
  • lxd/backup/backup/config: Adds ToInstanceDBArgs function
  • lxd/instance/instance/utils: Adds LoadFromBackup function
  • lxd/project/project: Update comment of InstanceParts
  • lxd/instances: Reworks instancesOnDisk to return slice of instance.Instance
  • lxd/instances: Updates instancesShutdown to use instancesOnDisk
  • lxd/patches: Updates patchUpdateFromV11 and patchUpdateFromV15 to use instancesOnDisk
  • lxd/api/internal: Use backupConf.ToInstanceDBArgs in internalImportFromBackup
  • lxd/api/internal/recover: Updates internalRecoverImportInstance to use backupConf.ToInstanceDBArgs
  • lxd/instances: Don't clear last power state of all instances in a cluster in instancesShutdown
  • lxd/db/instances: Removes ResetInstancesPowerState function
  • lxd/instances: Move shutdown timeout logic into per-instance go routine in instancesShutdown
  • lxd/instances: Reworks instancesShutdown to handle and log shutdown failures by forcefully stopping
  • lxd/instances: Updates instancesShutdown to accept a slice of instances
  • lxd/instances: Renames containerAutostartList to instanceAutostartList
  • lxd/instances: Renames instancesRestart to instancesStart
  • lxd/daemon: Updates init to use instancesStop and instancesStart with preloaded container list
  • lxd/daemon: Updates Ready to use updated instancesStart
  • lxd/daemon: Updates Stop to load instances once
  • lxd/daemon: Updates numRunningInstances to accept a list of instances to check
  • shared/osarch/architectures: Use ARCH_UNKNOWN rather than 0 in ArchitectureId
  • lxd/db/instances: Removes UpdateInstancePowerState function
  • lxd/instance/drivers/driver/common: Adds recordLastState function
  • lxd/instance/drivers: Use d.VolatileSet in onStop hook to record last power state
  • lxd/instance/drivers: d.recordLastState usage
  • lxd/instances/drivers: Call d.UpdateBackupFile just before starting instance process
  • lxd/daemon: Close global database after query failure in Stop
  • lxd/daemon: Use consistent terminology of global rather than remote database in Stop
  • lxd/api/internal: Update internalContainerHookLoadFromReference to try and load instance from backup if DB not available
  • lxd/instance/drivers/driver/qemu: Update getMonitorEventHandler to try and load instance from backup if DB not available
  • lxd/storage/drivers/driver/zfs/volumes: Log dev path in UnmountVolume
  • lxd/migration: Update protobuf config
  • lxd/migration: Update generated protobuf
  • gomod: Update dependencies
  • doc/network: Avoid referring to releases by name
  • lxd/apparmor: Allow remount using noatime
  • lxd/apparmor: remove mount options alternations
  • lxd/apparmor: remove another mount options alternations
  • lxd/apparmor: remove spaces between mount options for consistency
  • lxd/apparmor: remove duplicated mount rules (ro,remount,bind)
  • lxd/api/cluster: Fail on no leader in internalClusterPostHandover
  • lxd/instance: Fix image download race condition in instanceCreateFromImage
  • lxd/networks: Report uplink networks in leases
  • lxd/api/cluster: Fail on no leader in handoverMemberRole
  • lxd/cluster/gateway: Log partial and initial heartbeat as info
  • test: Adds better logging and removes handover sleeps in test_clustering_handover
  • lxd/cluster/heartbeat: No need to log heartbeat restart
  • test: Don't use pid files in test_clustering_shutdown_nodes
  • test: Actually ensure cluster DB isn't reachable after its lost quorum in test_clustering_shutdown_nodes
  • test: Use timeouts in kill_lxd
  • lxd/storage/drivers/driver/zfs/volumes: Use normal mount rather than zfs mount
  • tests: Unify how the instance's PID is looked up
  • tests: add missing --force-local to lxc stop
  • tests: use CSV format and column filtering where applicable
  • tests: use CSV format and column filtering to find the name of the newly created instance
  • tests: use grep -F when the match pattern contains regex/wildcard
  • tests: replace grep | cut by awk
  • lxd/instance/operationlock: Adds TimeoutSeconds constant
  • lxd/instance/drivers/driver/common: Error quoting in onStopOperationSetup
  • lxd/instance/drivers/driver/qemu: Updates onStop to be more like lxc driver
  • test/suites: Always provide project arg in volume test
  • lxd/sys/os: reorder kernel features
  • os: add separate entries for pure core scheduling kernel feature and container support
  • lxd: support core scheduling for virtual machines
  • test/suites: Fix cephfs backup test
  • lxd/instance/drivers/driver/qemu: Improve comments in Shutdown
  • lxd/instance/operationlock: Add ErrNonReusuableSucceeded error and Action type and action constants
  • lxd/instance/operationlock: Reworks Create to use Action type
  • lxd/instance/operationlock: Reworks CreateWaitGet
  • lxd/instance/drivers/driver/common: operationlock.Action usage
  • lxd/instance/drivers/driver/lxc: operationlock.CreateWaitGet and operationlock.Create usage
  • lxd/instance/drivers/driver/qemu: operationlock.CreateWaitGet and operationlock.Create usage
  • lxd/instance/drivers/driver/qemu: Add comment in Stop about operation lock
  • lxd/instance/drivers/driver/qemu: Keep operation alive in Shutdown
  • lxd/instance/drivers/driver/lxc: Keep operation alive in Shutdown
  • lxd/network: Move Leases to network package
  • lxd: support core scheduling for container even without LXC library support
  • lxd/instance/lxc: Properly report mapped memory
  • lxd/daemon: Updates NodeRefreshTask to accept an isLeader and unavailableMembers argument
  • lxd/api/cluster: Improves logging in internalClusterPostHandover
  • lxd/cluster/gateway: Adds shutdownCtx to NewGateway and return 503 in heartbeat if shutting down
  • lxd/storage/drivers/driver/zfs/volumes: Set mountpoint=none for filesystem volumes
  • lxd/storage/drivers/driver/zfs/patches: Update patches to set mountpoint=none
  • lxd/cluster/gateway: Adds HeartbeatHook type
  • lxd/cluster/gateway: Reject heartbeat if shutting down
  • lxd/cluster/gateway: Rework HandlerFuncs heartbeat handling
  • lxd/cluster/heartbeat: Update heartbeatRestart to return bool if heartbeat restarted
  • lxd/cluster/heartbeat: Pass non-updated heartbeat members as unavailable to heartbeat refresh task in heartbeat
  • lxd/cluster/membership: Add logging to notifyNodesUpdate
  • lxd/cluster/membership: Improve logging in Assign
  • lxd/cluster/membership: Adds unavailableMembers support to Rebalance and newRolesChanges
  • lxd/api/cluster: Adds unavailableMembers support to rebalanceMemberRoles
  • lxd/api/cluster: Improve logging in rebalanceMemberRoles
  • lxd/cluster/gateway/test: cluster.NewGateway usage
  • lxd/cluster/gateway: Remove unnecessary logging
  • lxd/cluster/gateway: Don't stop enrichhing raft nodes if one member name not found in currentRaftNodes
  • test: Reduce sleeps and offline threshold in clustering tests to speed them up
  • lxd/db/networks: Reworks GetNetworkInAnyState and its ilk to split the functionality out into separate functions
  • shared/api/error: Improve argument name in StatusErrorMatch
  • shared/api/error: Adds StatusErrorCheck helper function
  • lxd/networks: Use api.StatusErrorCheck to check for not found error from d.cluster.GetNetworkInAnyState
  • lxd/instance/drivers/driver/lxc: Fix restart locking
  • lxd/network/driver/ovn: Fix comment on getLoadBalancerName
  • lxd/cluster/heartbeat: Use api.StatusErrorf in error returned from HeartbeatNode
  • test: Improve test_clustering_remove_raft_node reliability
  • lxd/network/ovn: Add support for leases
  • api: Add image_source_project extension
  • shared/api: Add Project to ImagesPostSource
  • lxd/storage/drivers/volume: Adds IsCustomBlock function
  • lxd/storage/drivers/generic/vfs: Fixes regression in genericVFSBackupUnpack for VM config volume import
  • lxd/network/openvswitch/ovn: Adds OVNRouterRoute type
  • lxd/network/openvswitch/ovn: Updates LogicalRouterRouteAdd to accept multiple OVNRouterRoute args
  • lxd/network/openvswitch/ovn: Harmonise naming conventions in LogicalRouterRouteDelete with OVNRouterRoute type
  • lxd/network/network/utils: Removes unnecessary DB lookup via NICType function in isInUseByDevice
  • lxd/network/network/utils: Updates UsedBy to use usedByInstanceDevices
  • lxd/network/network/utils: Updates usedByInstanceDevices to use updated isInUseByDevice
  • lxd/network/network/utils: Updates isInUseByProfile to use updated isInUseByDevice
  • lxd/network/network/utils: Renames isInUseByProfile to usedByProfileDevices
  • lxd/network/openvswitch/ovn: Update LogicalRouterRouteDelete to accept net.IPNet rather than pointer
  • lxd/network/driver/ovn: Remove default routes and re-add as needed in setup
  • lxd/network/driver/ovn: Update InstanceDevicePortSetup to use static route port hints
  • lxd/network/driver/ovn: InstanceDevicePortDelete updated to handle non-pointer IPNets
  • client: Support source project in image copies
  • lxd/images: properly return project name in error
  • lxd: Support source project in image copies
  • lxc/image: Support source project in image copies
  • doc/rest-api: Refresh swagger YAML
  • lxd/db/config: rename UpdateConfig to UpdateClusterConfig
  • lxd/db/generate/lex/form: smarter pluralize function
  • lxd/db/generate/db/method: fix stmt type for generating URIs
  • lxd/db/generate/db/parse: check stmt and method for omitting fields
  • lxd/db/generate/db/mapping: pass table name to FieldColumnName
  • lxd/db/generate/db/stmt: pass variable name to register function
  • lxd/db/operations.mapper: remove ProjectID omission from operations
  • lxd/instance/drivers/qmp/monitor: Update run to accept an interace{} for args and JSON encode internally
  • lxd/instance/drivers/qmp/monitor: m.run usage
  • lxd/instance/drivers/qmp/commands: m.run usage
  • lxd/instance/drivers/qemu: Adds workaround for QEMU 6.x regression in handling memory object host-nodes setting
  • lxd/db/cluster/update: updateFromV50
  • lxd/db/cluster/schema: Update schema
  • lxd/db/node: add Config field to NodeInfo
  • lxd/db/node: populate config on Get
  • lxd/db/node: add UpdateNodeConfig method
  • lxd/db/node: add default config on Create
  • lxd/db/node: bootstrap nodes with BootstrapNode
  • lxd/db/node: skip database-standby in UpdateRoles
  • lxd/db/node: skip nodes with manual scheduler
  • lxd/device: Make sure vfio-pci is loaded
  • lxc/cluster: Add --yes to remove
  • tests: Update for change to cluster remove
  • shared/version/api: add clustering_config
  • shared/api/cluster: add Config to ClusterMemberPut
  • lxd/api/cluster: use updateClusterNode for PUT/PATCH
  • lxd/api/cluster: validate and update config on PUT/PATCH
  • lxc/cluster: add cluster member get/set/unset
  • doc/rest-api: Refresh swagger YAML
  • i18n: Update translation templates
  • doc/clustering: add clustering configuration docs
  • test/suites/clustering: add clustering_autotarget
  • lxd/db/config.mapper: placeholder config methods
  • lxd: Add fsmonitor package
  • lxd/state: Add DevMonitor to state
  • lxd: Initialize DevMonitor in daemon
  • lxd/device: Switch to DevMonitor
  • lxd/device: Check prefix path in source
  • lxd/device: Remove old inotify code
  • test/suites: Add fsmonitor to static analysis
  • lxd/db/networks: Fixes getStoragePool to support NULL description fields
  • lxd/api/cluster: fix comment on clusterGet clusterPut
  • lxd/device/nic/ovn: Improve error in Start
  • lxd/network/acl/acl/ovn: Adds OVNIntSwitchPortGroupAddressSetPrefix function
  • lxd/network/openvswitch/ovn: Adds address management functions
  • lxd/network/openvswitch/ovn: Adds router policy management function
  • lxd/network/driver/ovn: Move logical switch creation after internal network IP validation
  • lxd/network/driver/ovn: Add address set that represents internal switch subnets and NIC routes
  • lxd/network/driver/ovn: Adds instanceNICGetRoutes function
  • test: Set LXD_DEVMONITOR_DIR
  • doc/environment: Add LXD_DEVMONITOR_DIR
  • lxd/network/driver/ovn: Reworks Update to populate active NIC routes into internal switch's address set
  • api: Adds network_peer extension
  • lxd/network/acl/driver/common: ValidName usage
  • lxd/network/acl/acl/validation: Adds ValidName function
  • lxd/network/acl/driver/common: Adds ReservedNetworkSubects slice
  • shared/api/network/peer: Adds network peering API types
  • lxd/db/cluster: Adds networks_peers and networks_peers_config tables
  • lxd/db/network/peers: Peer management functions
  • doc/rest-api: Refresh swagger YAML
  • lxd/lifecycle/network/peer: Peer lifecycle type
  • lxd/network/network/utils: Updates UsedBy to check if the network has any created peers
  • lxd/networks: network.UsedBy usage
  • lxd/network/driver/common: UsedBy usage
  • lxd/network: Adds peer management function definitions and common not implemented implementation
  • lxd/network/driver/common: Adds Peering feature indicator
  • lxd/network/driver/common: Adds common peer validation function
  • lxd/network/openvswitch/ovn: Adds peer management functions
  • lxd/network/driver/ovn: Adds peering management functions
  • lxd/network/peer: Network peer API endpoints
  • client/interfaces: Adds network peer management function definitions
  • client/lxd/network/peer: Adds network peer management client functions
  • lxc/network/peer: Adds network peer CLI commands
  • i18n: Update translation templates
  • doc: Adds network peers documentation
  • lxd/network/driver/bridge: Fix leases
  • lxd-p2c: Allow passing existing certificate
  • client/connection: Typo in ConnectLXD
  • lxd/instance/post: Improve error in instancePostClusteringMigrate
  • lxd/move: Adds stateful migration support for cross-pool instance migrations
  • lxd/move: Consistent comment line endings in moveInstancePool
  • lxd/instance/post: Refactor how backward compat handling of Live field in instancePost
  • lxd/instance/post: Error quoting
  • lxd/instance/post: Comment typo in instancePostPoolMigration
  • lxd/instance/post: Adds stateful migration support to instancePostPoolMigration
  • i18n: Update translation templates
  • process_utils: move wait_for_pid_status_nointr() to common code
  • lxd: consolidate functions into common header
  • lxd: make C functions static
  • lxd: add config.h for common options
  • doc: Drop part about building LXC
  • doc: Add bind9-dnsutils to testsuite requirements
  • lxd: use argument struct for manip_file_in_ns()
  • forkfile: small coding style fixes
  • forkfile: decrease indendation level
  • lxd/fsmonitor/drivers: Add missing FAN_MARK_FILESYSTEM
  • doc/enviroment: Clarify that LXD_DEVMONITOR_DIR is for testing
  • lxd/fsmonitor: Ensure path is a mountpoint
  • lxd/instance/instance: Renames IsMigratable to CanMigrate
  • lxd/api/cluster: inst.CanMigrate usage
  • lxd/move: Add stateful move support to moveClusterInstance
  • lxd/instance/post: Adds stateful migration support to instancePostClusteringMigrate
  • i18n: Update translation templates
  • test: Use mountpoint for test devices
  • lxd/db/node: don't autofill node config
  • lxd/api/cluster: make scheduler.instance optional
  • lxd/db/query/transaction: Adds 10s timeout to Transaction
  • lxd/cluster/gateway: Add 30s idle timeout in dqliteProxy
  • lxd/cluster/gateway: Close remote connection in dqliteProxy
  • lxd/cluster/events: Disconnect event listeners for offline members in eventsUpdateListeners
  • lxd/events/events: Rework events.Listener to use websocket heartbeats
  • shared/instance: Add linux.sysctl.*
  • lxd: Support for linux.sysctl.* configuration keys
  • doc: Add linux.sysctl.*
  • api: Add linux_sysctl extension
  • lxd/device/nic/bridged: Prevent specifying ipv{n}.address when NIC is connected to unmanaged parent bridge
  • test: Add test for bridged NIC not able to specify static IPs when using unmanaged parent bridge
  • lxd/events/events: Moves blocking reader into heartbeat function
  • lxd: Removes blocking reader from event client
  • lxd-agent: Removes blocking reader from event client
  • lxd/fsmonitor/drivers: Log warning instead of failing
  • lxd/cluster/gateway: Removes dqliteProxy idle timeout
  • lxd/cluster/gateway: Update logging in dqliteProxy
  • lxd/cluster/gateway: Set 30s TCP_USER_TIMEOUT and keep alive timers in dqliteProxy
  • lxd/util/net: Adds SetTCPUserTimeout function
  • lxd/db/db: retry cluster transactions once if context deadline exceeded
  • seccomp: Pass the caller TGID to pidfd_open instead of TID
  • lxd/instance/drivers: Check swap for metrics
  • seccomp: verify retrieved fds when
  • shared/validate: Add IsListOf
  • doc: Move metrics under API
  • api: network_dns extension
  • doc/projects: Add restricted.networks.zones
  • lxd/projects: Add restricted.networks.zones
  • doc/networks: Add dns.zone
  • lxd/network: Add dns.zone
  • doc/server: Add core.dns_address
  • lxd/node: Add core.dns_address
  • shared: Add network zone API
  • client: Rename lxd_network_forwards for consistency
  • client: Add network zone functions
  • lxd/db: Add networks_zones schema
  • lxd/db: Add network zones helpers
  • lxd/network/zone: Initial package
  • lxd/lifecycle: Add network zones
  • lxd: Add network zone API
  • doc/rest-api: Refresh swagger YAML
  • lxc/network: Add zone sub-command
  • i18n: Update translation templates
  • lxd/dns: Add DNS server
  • lxd/daemon: Integrate DNS server
  • tests: Add DNS zone tests
  • doc: Add network zones documentation
  • lxd/instance/qemu: Fix host-nodes on multi-node
  • lxd/instance/drivers: Use existing DeviceTotalMemory
  • lxd/instance/drivers: Check memory limit value for metrics
  • lxd/migrate: Fix deadlock in sendControl
  • lxd/migrate: Time out when waiting for connections
  • lxd/storage/backend/lxd: Clarify errors in CreateInstanceFromCopy and CreateInstanceFromMigration
  • lxd/instances/post: Wrap error in createFromMigration
  • lxd/instances/post: Update comment in createFromMigration
  • lxd/instance/drivers/driver/qemu: Implements Migrate to support stateful start after migration
  • lxd/migrate/instance: Update new migration source and sink functions to detect container instance type for CRIU
  • lxd/migrate/instance: Move predump setup logic inside CRIU section
  • lxd/migrate/instance: Keep vol source arg setup logic together
  • lxd/migrate/instance: Make CRIU logic conditional on container instance type
  • lxd/migrate/instance: Statefully stop running VM for live migration in migrationSourceWs
  • lxd/migrate/instance: Code style tweak in migrationSink
  • lxd/migrate/instance: Update migrationSink Do to support VM stateful migration
  • lxd/migrate: Update critieria for live migration to detect container instance type
  • lxc/copy: Add comment clarifying post-migration start up logic in copyInstance
  • lxd/instance/post: Simplify arguments to instance migration functions
  • lxd: migrateInstance usage
  • lxd/instance/post: Remove container references in migrateInstance
  • lxd/instance/post: Improve comment in instancePostClusteringMigrateWithCeph
  • lxd/storage/drivers/driver/ceph/volumes: Improve comment in MigrateVolume
  • lxd/instance/post: Avoid loading storage pool twice in instancePostClusteringMigrateWithCeph
  • lxd/instance/post: Remove out of date comment from instancePostClusteringMigrateWithCeph
  • lxd/instance/post: Remove container reference in error in instancePostClusteringMigrateWithCeph
  • lxd/instance/post: Remove trailing newline in instancePostClusteringMigrateWithCeph
  • lxd/instance/post: Use http.StatusOK in instancePostClusteringMigrateWithCeph
  • lxd/instance/post: Switch to api.NewURL() in instancePostClusteringMigrateWithCeph
  • lxd/db/instances: Adds volumeType argument to UpdateInstanceNode
  • lxd/instance/post: Replace node in errors with member
  • lxd/instance/post: Rework instancePostClusteringMigrateWithCeph to support VM stateful migration
  • lxd/instance/post: Update instancePostCreateInstanceMountPoint to accept an instance
  • lxd/instance/post: Don't allow migration to same location of instance in migrateInstance
  • lxd/instances/post: Replace node with member in error in clusterCopyContainerInternal
  • lxd/storage/drivers/driver/ceph/volumes: Fix MigrateVolume to support VM cluster migration
  • lxd/instance/post: Update instancePostClusteringMigrate with support for starting instance during stateless migration
  • test: Update teardown_clustering_netns to succeed if process has already gone
  • lxd/device/nic/bridged: Allow static IP on unmanaged bridge when MAAS subnet specified
  • lxd/device/nic/ovn: Remove setting accept_ra sysctl unnecessarily as disable_ipv6 is set
  • Replace 'which' with 'command -v'
  • Use which to resolve lxc's path without resolving the shell function of the same name
  • lxc: better advertise support for VMs
  • i18n: Update translation templates
  • lxd/device/device/utils/network: Renames networkSnapshotPhysicalNic to networkSnapshotPhysicalNIC
  • lxd/device: networkSnapshotPhysicalNIC usage
  • lxd/device/device/utils/network: Renames networkRestorePhysicalNic to networkRestorePhysicalNIC
  • lxd/device: networkRestorePhysicalNIC usage
  • lxd/device/nic: Split up SR-IOV functions
  • lxd/device: Records SRIOV VF parent device in last_state.vf.parent
  • shared/instance: Add .last_state.vf.parent support to ConfigKeyChecker
  • lxd/device/device/utils/network: Adds useSpoofCheck arg to networkSRIOVSetupVF and networkSRIOVRestoreVF
  • lxd/device/device/utils/network: Add support for last_state.vf.parent in networkSRIOVRestoreVF
  • lxd/device/nic/sriov: useSpoofCheck argument usage
  • lxd/network/network/utils/sriov: Rename sriovFindFreeVirtualFunctionMutex to SRIOVVirtualFunctionMutex
  • lxd/network/network/utils/sriov: Remove use of lock from SRIOVFindFreeVirtualFunction
  • lxd/device/nic/sriov: Use network.SRIOVVirtualFunctionMutex.Lock
  • api: Add ovn_nic_acceleration extension
  • doc/instances: Add network acceleration config
  • lxd/network/openvswitch: Add HardwareOffloadingEnabled
  • lxd/network: Adds SRIOVFindFreeVFAndRepresentor
  • lxd/device/nic_ovn: Add SR-IOV support
  • lxd/device/nic/ovn: Remove incorrect call to networkSetupHostVethLimits
  • lxd/cluster: Fix forceful stop on restore
  • bash-completion: Add restore snapshots
  • lxd/operations: Updates waitForOperations to accept consoleShutdownTimeout arg
  • lxd/daemon: Load shutdown timeout from DB in Stop()
  • lxd/daemon: Only call waitForOperations during Stop if cluster DB is available
  • lxd/api/internal: Wait for daemon to finish starting up before shutting down in internalShutdown
  • forkuevent: minor fixes
  • forkuevent: fix "--" placement
  • lxd/instances/qemu: Enable topoext on x86_64 with SMT
  • lxc/import: read from stdin
  • doc/instances: Explain CPU topology in VMs
  • cleanup: remove subtest
  • Remove the last 'which' occurence.
  • lxc/file: Don't use HostPath on temp files
  • lxd/cluster: Log leader address on failure
  • lxd/api/cluster: Sleep for 100ms to allow http.Flush to render
  • lxd/fsmonitor: Don't crash on Walk errors
  • lxd/instance/lxc: Only mount for file operations if stopped
  • lxd/instance_exec: Improve and expand default PATH setting
  • lxd/network/driver/ovn: Comment typo
  • lxd/network/driver/ovn: Add external inbound peer address spoof protection to logicalRouterPolicySetup
  • lxd/network/driver/ovn: Update PeerDelete to remove security policy rules from local and target routers
  • lxd/network/acl/driver/common: Small optimisation in validateRule
  • lxd/network/acl/driver/common: Allow named peers starting with @ in validateRuleSubjects
  • lxd/db/network/peers: Adds GetNetworkPeersTargetNetworkIDs function
  • lxd/network/acl/acl/ovn: Adds support for peer subjects using @/ in OVNEnsureACLs
  • doc/network-acls: Adds concept of peer network subject selectors
  • lxd/instance/drivers/driver/lxc: Adds release function to reduce repetition of liblxc clearing logic
  • lxd/instance/drivers/driver/lxc: Release liblxc cache when stopping or shutting down
  • lxd/network/network/interface: Adds PeerUsedBy function
  • shared/api/network/peer: Adds UsedBy field to NetworkPeer
  • lxd/network/peer: Populate UsedBy field
  • lxd/network/driver/common: Adds peer used by functions
  • lxd/network/driver/ovn: Prevent peer from being deleted if in use
  • doc/rest-api: Refresh swagger YAML
  • gomod: Update dependencies
  • i18n: Update translations from weblate
  • lxd: Move to new protobuf when possible
  • gomod: Pin x/net to version supporting 1.13
  • lxd/storage/btrfs: Support 5.14.2
  • lxd/db: Use upstream context package
  • gomod: Update dependencies
  • gomod: Downgrade dqlite to 1.10.0
  • lxd/storage/ceph: Properly support pre-existing empty pools

Try it for yourself

This new LXD release is already available for you to try on our demo service.

Downloads

The release tarballs can be found on our download page.

Binary builds are also available for:

  • Linux: snap install lxd
  • MacOS: brew install lxc
  • Windows: choco install lxc

LXD 4.0.8 has been released

26th of October 2021

Introduction

The LXD team is pleased to announce the release of LXD 4.0.8!

This is the eight bugfix release for LXD 4.0 which is supported until June 2025.

Bugfixes and improvements

This release includes a couple of months worth of bugfixes and minor improvements from the development branch.

Some of the highlights include:

  • The codebase has now been switched over to Go modules and its vendor directory
  • lxd recover replaces lxd import for disaster recovery
  • Add support for --all-projects and --format to lxc monitor
  • Add --yes to lxc cluster remove --force
  • Extended network counters in network state API
  • Detection of USB GPU

Those are all smaller improvements backported from LXD feature releases which required no database changes or API behavior changes and were considered a sufficient usability improvement to backport to the LTS release.

The full list of commits is available below:

Detailed changelog
  • lxd/db/generate/db/stmt: replace naturalKeyWhere with whereClause
  • lxd/db/generate/db/parse: use kind parameter for Filter generation
  • lxd/db/generate/db/method: pass query kind to Filter
  • lxd/db/generate/db/stmt: use delete-by statements with Filter instead of only by id
  • lxd/db/generate/db/method: use and handle Filter as paramter for Delete method
  • lxd/db/generate/db/method: make Delete into DeleteOne and DeleteMany
  • lxd/db/certificates: add new entries for code generation
  • lxd/db/certificates: add delete-by fields to CertificateFilter
  • lxd/db/certificates: remove old DeleteCertificateByNameAndType
  • lxd/db/certificates: use Filter as parameter for delete
  • lxd/cluster/membership: use Filter as parameter for delete
  • lxd/db/profiles: add new entries for code generation
  • lxd/db/profiles.mapper: add new generated code
  • lxd/api/project: use Filter as parameter for delete
  • lxd/instance/test: use Filter as parameter for delete
  • lxd/patches: use Filter as parameter for delete
  • lxd/profiles: use Filter as parameter for delete
  • lxd/db/snapshots: add new entries for code generation
  • lxd/db/snapshots.mapper: add new generated code
  • lxd/db/instances: add new entries for code generation
  • lxd/db/instances.mapper: add new generated code
  • lxd/db/instances: use Filter as parameter for delete
  • lxd/db/projects: add new entries for code generation
  • lxd/db/projects.mapper: add new generated code
  • lxd/api/project: use Filter as parameter for delete
  • lxd/db/certificates.mapper: add new generated code
  • shared/validate: Add IsListenAddress
  • lxd/lxd: Validate https address for config key core.https_address
  • lxd/db/operations: add OperationFilter and operation database fields
  • lxd/db/operations: add new entries for code generation
  • lxd/db/generate/db/mapping: add OperationType as valid type for mapping
  • lxd/db/generate/db/parse: support pointers
  • lxd/db/generate/db/stmt: add create-or-replace statement functionality
  • lxd/db/generate/db/method: add CreateOrReplace method functionality
  • lxd/db/operations: remove hard-coded functions
  • lxd/db/generate/db/parse: handle 'omit' tag
  • lxd/db/generate/db/method: pass mapping kind to Parse for 'omit' tag
  • lxd/db/generate/db/stmt: pass mapping kind to Parse for 'omit' tag
  • lxd/db/generate/db/parse/test: pass mapping kind to Parse for 'omit' tag
  • lxd/db/operations.mapper: add new generated code for operations
  • lxd/db/transaction: add GetNodeID
  • lxd/cluster/membership: use filter parameter for generated operation methods
  • lxd/db/db: use filter parameter for generated operation methods
  • lxd/db/operations/test: use filter parameter for generated operation methods
  • lxd/operations: use filter parameter for generated operation methods
  • lxd/operations/linux: use filter parameter for generated operation methods
  • Revert "lxd/device: Fix duplicate MAC test"
  • lxd/node: Relax constraint on cluster address
  • lxd/device/nic/bridged: Exclude NICs that are different type from MAC/IP duplicate checks
  • lxd/device/nic/bridge: Extend parent network exclusions for duplicate MAC/IP checks
  • test: Updates bridged duplicate MAC/IP tests
  • lxd/instance/drivers/qmp/commands: Fixes potential crash in QueryPCI
  • lxd/instance/lxc: Fix swappiness calculation
  • lxd/cluster/info: Increase loadInfo log level for starting local DB
  • lxd/daemon: Modify LXD is starting message to use contextual logging
  • lxd/daemon: Move to contextual logging in init
  • lxd/daemon: Use logger/Debug/Info/logger.Warn rather than logger.Debugf/Infof/Warnf
  • lxd/daemon: Increase some cluster startup/upgrade messages to Warn from Info in init
  • lxd/daemon: Upper case first letter in error in init
  • lxd/storage: Better logging and errors in setupStorageDriver
  • lxd/storage/utils: Removes VolumeDBTypeToTypeName as unused
  • lxd/storage/drivers/volume: Config comment improvement
  • lxd/storage/drivers/volume: Rename customMountPath to mountCustomPath
  • lxd/storage/drivers: vol.mountCustomPath usage
  • lxd/storage/drivers/volume: Adds mountFilesystemProbe and SetMountFilesystemProbe function
  • lxd/storage/drivers/utils: fsUUID simplification
  • lxd/storage/drivers/utils: Adds fsProbe function
  • lxd/storage/drivers/driver/lvm/volumes: Adds vol.mountFilesystemProbe support to MountVolume
  • lxd/storage/drivers/driver/ceph/volumes: Adds vol.mountFilesystemProbe support to MountVolume
  • lxd/instance/drivers/driver/lxc: Adds volumeConfig arg to lxcCreate
  • lxd/instance/drivers/driver/qemu: Adds volumeConfig arg to qemuCreate
  • lxd/instance/instance/utils: Updates Create signature for new create function
  • lxd/instance/drivers/load: Adds volumeConfig arg to create
  • lxd/instance/instance/utils: Adds volumeConfig arg to CreateInternal
  • lxd: instance.CreateInternal usage
  • lxd: instance.CreateInternal usage in tests
  • shared/api: Support for Requestor field in lifecycle event log
  • lxd/instance/drivers: Check instance is stopped, and not in an error state when stopping
  • shared/idmap: Use O_CLOEXEC
  • lxd/storage: Use O_CLOEXEC
  • client/connection: Log simplestreams URL in ConnectSimpleStreams
  • client/connection: Error quoting in ConnectSimpleStreams
  • lxc/config/config: Use DefaultConfig when defaults==true in NewConfig
  • lxc/config/file: Set DefaultRemote in LoadConfig if not specified by config file
  • lxc/config/file: Reference DefaultConfig.DefaultRemote in SaveConfig
  • lxc/monitor: Add --all-projects
  • lxc/monitor: Add --format
  • i18n: Update translation templates
  • test/godeps: Updates with github.com/lxc/lxd/shared/log15
  • lxd/instance/drivers/driver/qemu: Update start time volatile keys before backup file is written
  • lxd/instance: Pass instanceType to ValidConfig
  • lxd/instance: Pass instanceType to validConfigKey
  • shared/instance: Split the config keys in container/VM/Any
  • doc/instances: Mark security.devlxd as available for VMs
  • shared/instance: Re-format
  • shared/instance: Switch to the new maps
  • shared/instance: Pass instanceType to ConfigKeyChecker
  • lxc/list_test: Fix comments
  • lxc/list: Update for ConfigKeyChecker change
  • lxd/instance: Update for ConfigKeyChecker change
  • lxd/storage/drivers/driver/lvm/utils: Typo in comment on lvmBlockVolSuffix
  • lxd/storage/drivers/driver/zfs/utils: Adds zfsBlockVolSuffix const and uses it in dataset function
  • lxd/storage/drivers/driver/zfs/patches: Uses zfsBlockVolSuffix in patchStorageZFSMount function
  • lxd/storage/drivers/driver/ceph/utils: Add cephBlockVolSuffix constant
  • lxd/storage/drivers/driver/ceph/utils: Moves volume type to rbd volume prefix conversion out of getRBDVolumeName and into cephVolTypePrefixes
  • lxd/storage/drivers/driver/lvm/utils: Simplify lvmFullVolumeName
  • shared/api: Fix crash on missing event requestor
  • shared/cmd/ask: Add error handling to CLI question askers to avoid infinite loops with EOF
  • lxd/main/init/interactive: Update usage of CLI asker functions to handle errors
  • lxc/remote: Update usage of CLI askers to handle errors
  • lxc: Hide built-in completion command
  • shared/api: Add support for USB GPU
  • lxd/resources: Add support for USB GPU
  • api: resources_gpu_usb
  • lxd/resources: Reword errors
  • shared/validate: Change IsOneOf to return validator
  • lxd: Switch to new IsOneOf
  • shared: Switch to new IsOneOf
  • doc/cloud-init: Update for current images
  • lxd/db/storage/pools: CreateStoragePool comment improvement
  • lxd/storage/drivers/utils: Consistent error quoting and messaging in wipeDirectory
  • lxd/storage/drivers/driver/btrfs: Consistent error quoting and messaging in Delete
  • lxd/storage/drivers/driver/zfs: Add validation to Mount
  • lxd/storage/backend/lxd: Expand comment in EnsureImage about partial image volume handling
  • lxd/storage/backend/lxd: Don't try to load root disk config in MountInstance/UnmountInstance if instance not in DB
  • lxd/storage/backend/lxd: Remove support for lxd import from CheckInstanceBackupFileSnapshots
  • lxd/storage/backend/lxd: Clarify comment in CheckInstanceBackupFileSnapshots
  • lxd/storage/utils: Adds VolumeTypeToAPIInstanceType function
  • lxd/storage/load: Adds NewTemporary function
  • lxd/storage/drivers/interface: Adds ListVolumes definition
  • lxd/storage/drivers/generic/vfs: Adds genericVFSListVolumes function
  • lxd/storage/drivers/generic/vfs: Adds and uses constant genericVolumeBlockExtension
  • lxd/storage/drivers/driver/mock/volumes: Adds ListVolumes function
  • lxd/storage/drivers/driver/btrfs/volumes: Adds ListVolumes function
  • lxd/storage/drivers/driver/dir/volumes: Adds ListVolumes function
  • lxd/storage/drivers/driver/lvm/volumes: Adds ListVolumes function
  • lxd/storage/drivers/driver/zfs/volumes: Adds ListVolumes function
  • lxd/storage/drivers/driver/ceph/volumes: Adds ListVolumes function
  • lxd/storage/drivers/driver/cephfs/volumes: ListVolumes function
  • lxd/storage/pool/interface: Add ListUnknownVolumes definition
  • lxd/storage/pool/interface: Adds ImportInstance definition
  • lxd/storage/backend/mock: ListUnknownVolumes function placeholder
  • lxd/storage/backend/mock: Adds ImportInstance placeholder function
  • lxd/storage/backend/lxd: Adds ListUnknownVolumes function
  • lxd/storage/backend/lxd: Adds ImportInstance implementation function
  • lxd/storage/backend/lxd: Delete any left over image volumes in Delete
  • lxd/storage/drivers/volume: EnsurePath to create parent snapshot volume directory if needed
  • lxd/storage/drivers/utils: Consistent quoting of errors in createParentSnapshotDirIfMissing
  • lxd/db/profiles: Adds GetProjectProfileNames function
  • lxd/api/internal: Adds internalRecoverValidateCmd and internalRecoverImportCmd endpoint
  • lxd/main: Adds recover CLI command
  • test: Adds container recover tests
  • doc/backup: Newline tweaks for clarity
  • doc/backup: Updates disaster recover documentation describing the use of the lxd recover command
  • lxd/api/internal: Remove lxd import endpoint and internalImportFromRecovery function
  • lxd/api/internal: Remove recovery mode from internalImport
  • lxd/instances/post: internalImport usage in createFromBackup
  • lxd/instance/drivers/driver/lxc: Remove usage of storagePools.InstanceImportingFilePath
  • lxd/api/internal: Update internalImport to use instance name consistency and dont mangle the parsed backup yaml snapshot names
  • lxd/main/import: Modify lxd import to error with instructions to use lxd recover command
  • test: Remove lxd import tests
  • lxd/storage/storage: Delete GetContainerMountPoint as doesn't support VMs
  • lxd/patches/utils: Adds containerMountPoint as deprecated legacy function
  • lxd/patches: Switches to containerMountPoint
  • lxd/instance/post: Switch to storagePools.LoadByInstance() in instancePostClusteringMigrateWithCeph
  • lxd/instance/post: Renames internalClusterContainerMovedPost to internalClusterInstanceMovedPost
  • lxd/instance/post: Error consistency in instancePostClusteringMigrateWithCeph
  • lxd/instance/post: Renames instancePostCreateContainerMountPoint to instancePostCreateInstanceMountPoint
  • lxd/instance/post: Switch to instancePostCreateInstanceMountPoint
  • lxd/profiles/utils: Don't expose node concept in end user errors in doProfileUpdate and doProfileUpdateCluster
  • lxd/api/internal: Rename internalImport to internalImportFromBackup
  • lxd/instances/post: internalImportFromBackup usage in createFromBackup
  • lxd: Renames /internal/cluster/container-moved to /internal/cluster/instance-moved
  • i18n: Update translation template
  • lxd/db/generate/db/mapping: check Filter field in FilterFieldByName
  • lxd/db/generate/db/parse: fill Filter field for Mapping
  • lxd/db/generate/db/parse/test: use empty Filter for tests
  • lxd/db/projects: move api.Project to db.Project
  • lxd/api: use db.Project instead of api.Project
  • lxd/db: use db.Project instead of api.Project
  • lxd/device: use db.Project instead of api.Project
  • lxd/device: use db.Project instead of api.Project
  • lxd/patches: use db.Project instead of api.Project
  • lxd/project: use db.Project instead of api.Project
  • lxd/storage: use db.Project instead of api.Project
  • lxd/db/certificates: add CertificateType for type of certificate
  • lxd/certificates: use CertificateType instead of int
  • lxd/cluster: use CertificateType instead of int
  • lxd/daemon: use CertificateType instead of int
  • lxd/db/migration/test: use CertificateType instead of int
  • lxd/db/generate/db/mapping: support CertificateType
  • lxd/db/generate/db/method: add generator comment to generated methods
  • lxd/db/mapper: generated code
  • Added console and rename to lxd names auto complete
  • lxd/instance/drivers: Add ErrInstanceIsStopped
  • lxd/api_internal_recover: Update for stable-4.0
  • lxd/util/kernel: Renames HasFilesystem to SupportsFilesystem
  • lxd/daemon: util.SupportsFilesystem usage
  • lxd/storage/filesystem: Adds filesystem package and moves FilesystemDetect to it as just Detect
  • lxd/storage/drivers/utils: Removes hasFilesystem
  • lxd/storage/drivers/driver/btrfs: Replace hasFilesystem usage with filesystem.Detect
  • lxd/device: filesystem.Detect usage
  • lxd/instance/drivers: filesystem.Detect usage
  • lxd: filesystem.Detect usage
  • lxd/sys: filesystem.Detect usage
  • shared: Removes IsMountPoint and parseMountinfo
  • lxd/storage/filesystem/fs: Adds parseMountinfo and IsMountPoint
  • lxd/daemon: filesystem.IsMountPoint usage
  • lxd/device: filesystem.IsMountPoint usage
  • lxd/patches: filesystem.IsMountPoint usage
  • lxd/storage: filesystem.IsMountPoint usage
  • lxd/storage/filesystem: Adds StatVFS function
  • shared/util/linux: Removes Statvfs
  • lxd/storage/drivers/generic/vfs: filesystem.StatVFS usage
  • lxd/storage/filesystem/fs: Switch Detect to use StatVFS
  • lxd/storage/drivers: Error quoting
  • lxc: Provide more information on instance device actions
  • lxc: Update error message on non-existent device
  • po: Update translations
  • lxd/storage/drivers: Initialise an empty volume config in the volumes returned from ListVolumes
  • lxd/storage/pool/interface: Adds ImportCustomVolume definition
  • lxd/storage/backend/mock: Adds ImportCustomVolume placeholder
  • lxd/storage/backend/lxd: Adds ImportCustomVolume implementation
  • lxd/storage/backend/lxd: Add custom volume support to ListUnknownVolumes
  • lxd/api/internal/recover: Add custom volume support to recover feature
  • lxd/api/internal/recover: Improve instance recover error messages
  • lxd/instance/drivers/driver/qemu: Remove isImport TODO consideration as lxd import doesn't exist anymore
  • lxd/storage/drivers/driver/zfs/volumes: Fix ListVolumes to detect custom block volumes
  • lxd/storage/backend/lxd: Improve error and logging of removal of left over image volumes in Delete
  • lxd/storage/drivers: Update ListVolumes of block backed drivers to detect duplicate image volumes and only return the block type
  • shared/api/cluster: Add ClusterMemberStatePost
  • lxd: Add forwardedResponseToNode
  • lxd: Add migrateInstance function
  • client: Add UpdateClusterMemberState
  • test/suites: Clean up clustering_image_refresh
  • lxd/instance: Rename project to projectName
  • lxd/db/generate/db: mention interface signatures in cli help
  • lxd/db/generate/file/snippet: add GenerateSignature
  • lxd/cgroup: Fix handling of non-systemd cgroup2
  • lxd/db/generate/db/stmt: implement empty GenerateSignature
  • lxd/db/generate/db/method: implement GenerateSignature and signature
  • lxd/db/generate/db/method: add isInterface argument to begin
  • lxd/db/generate/db/method: use signature instead of begin
  • lxd/db/generate/file/write: add resetInterface and appendInterface
  • lxd/db/interface/mapper: add generated interface files
  • lxd/db/generate/db/method: use GetOne/GetMany instead of Get/List
  • lxd/db: use GetOne/GetMany for generator comments
  • lxd/db/mapper: new generated code
  • lxd/db/generate/db/lex: add -by- field parsing helpers
  • lxd/db/generate/db/mapping: add ActiveFilters
  • lxd/db/generate/db/mapping: make FieldArgs and FieldParams methods on Mapping
  • lxd/db/generate/db/method: use operations to parse method kind
  • lxd/db/generate/db/method: use new Field argument parsing
  • lxd/db/generate/db/method: implement parameter-based delete methods
  • lxd/db: use -by- fields for delete generation comments
  • lxd/db/mapper: update generated code
  • lxd/db: use explicit arguments for delete
  • lxd/api/project: use explicit arguments for delete
  • lxd/cluster/membership: use explicit arguments for delete
  • lxd/instance/test: use explicit arguments for delete
  • lxd/operations/linux: use explicit arguments for delete
  • lxd/patches: use explicit arguments for delete
  • lxd/profiles: use explicit arguments for delete
  • lxd/db/generate/lex/case: lowercase ID and UUID
  • lxd/db/operations/mapper: update generated code
  • lxd/api/internal/recover: Search unknown volumes list for any instance volume and use that for pool DB recovery
  • lxd/main/recover: Add some output when starting potentially log processes
  • test: Ensure custom user config is restored during pool recovery from instance config
  • lxd/db: Update generated functions
  • doc/rest-api: Refresh swagger YAML
  • lxd/db/generate/db/parse: rename (Ref)Filters to (Ref)FiltersFromStmt
  • lxd/db/generate/db/method: use FiltersFromStmt
  • lxd/db/generate/db/method: add if block for empty filters
  • lxd/db/certificates: remove comparison flag from Fingerprint
  • doc: Add events doc to navigation
  • test: Switch recover tests to use a non-default project
  • lxd/api/internal/recover: Recover custom volumes before instance volumes
  • test: Add recover custom volume tests
  • lxd/storage/drivers/driver/cephfs/volumes: Implements ListVolumes function
  • lxd/api/internal/recover: Removes check for skipping unsupported storage pools in internalRecoverScan
  • lxd/api/internal/recover: Don't allow storage pool record recovery if clustered
  • lxd/main/recover: Don't offer the option to enter additional storage pools when clustered
  • lxd/storage/drivers: Prevent custom block volume export
  • lxd/device/disk: Check path property for filesystem volumes
  • lxc/init: When using network flag support managed networks
  • lxd/init: Create NIC called eth0 with interface name eth0 when using --network flag
  • lxc/init: Improve errors so that it is clear what resource type isn't found
  • lxd/instance/drivers: Make volatile.uuid population code same for both drivers
  • lxd/instance/instance/utils: Populate volatile.uuid in CreateInternal if needed
  • lxd/instance/instance/utils: Adds MoveTemporaryName and IsSameLocgicalInstance functions
  • lxd/device/nic/bridged: Update duplicate validation to use instance.IsSameLocgicalInstance
  • test: Fix tests to use eth0 rather than attached network name
  • lxd: Hide built-in completion command
  • lxd/instance/instance/utils: Updates CreateInternal to create an operationlock as soon as its instance ID exists
  • lxd/api/internal: CreateInternal operationlock usage
  • lxd/instance: CreateInternal operationlock usage
  • lxd/instance/drivers/driver/common: CreateInternal operationlock usage
  • lxd/instances/post: CreateInternal operationlock usage
  • lxd/migrate/instance: CreateInternal operationlock usage
  • lxd: Update tests for CreateInternal usage
  • syscall_wrappers: don't conflict with glibc provided close_range()
  • lxd/db/certificates: add manual query for fingerprint with wildcard
  • lxd/db/certificates/test: remove wildcard from test
  • lxd/db/images: remove comparison flag from Fingerprint
  • lxd/db/images: add getImagesByFingerprintPrefix for wildcard querying
  • lxd/db/transaction: add prepare
  • Makefile: add goimports to update-schema
  • lxd/db/mapper: update generated code
  • lxd/db/generate/db/stmt: remove comparison tag handling
  • lxd/db/images/test: add TestGetImage
  • lxd/db/images: fingerprint to fingerprintPrefix and public to publicOnly
  • lxd/apparmor: Allow remount using strictatime
  • lxd/db: use pointers for filter fields
  • lxd/db/generate/db/method: remove Criteria and check filter fields directly
  • lxd/db/generate/db/lex: check filter for nil fields instead of criteria
  • lxd/db/generate/db/mapping: remove unused functions
  • lxd/db/generate/db/parse: remove unused functions
  • lxd/db/generate/db/parse: return active and ignored filters from (Ref)FiltersFromStmt
  • lxd/db/generate/db/lex: check ignored fields are nil in activeFilters
  • lxd/db/generate/db/method: check ignored filters and error out if invalid
  • lxd/firewall: Rename DHCPDNS to ICMPDHCPDNS
  • lxd/firewall/nftables: Allow ICMP
  • lxd/firewall/xtables: Allow ICMP
  • lxd/db/instances: omit InstanceType from -Ref methods
  • lxd/db/mapper: update generated code
  • images: use pointers for ImageFilter
  • operations: use pointers for OperationFilter
  • profiles: use pointers for ProfileFilter
  • snapshots: use pointers for InstanceSnapshotFilter
  • instances: use pointers for InstanceFilter
  • lxd/db/instances: remove InstanceFilterAllInstances
  • lxd/db/instances: add InstanceTypeFilter
  • lxd/db/instances: use InstanceFilter instead of optional args
  • lxd/use InstanceTypeFilter instead of optional args
  • lxd/db/instances: add empty string check for GetLocalNodeName
  • lxd/db/images: use ImageFilter for optional args
  • lxd/storage/pools: use ImageFilter for GetImages args
  • lxd/util: Add ceph config parser
  • lxd/storage/cephfs: Use new ceph parsing funtions
  • lxd/device/disk: Use new ceph parsing funtions
  • lxd/util: Make ceph.conf parser more tolerant
  • global: Disable the completion command
  • lxd/instance/lxc: Rework raw.lxc handling
  • lxd/storage/zfs: Fix bad key name
  • lxd/storage/zfs: Fix ListVolumes to use correct pool name
  • lxd/device: Add CanMigrate
  • lxd/instance/common: Fix error message
  • doc/instances: Clarifies expectation of uniqueness for volatile.uuid
  • lxd/instance/instance/utils: Allow cross-project same instance matching on volatile.uuid in IsSameLocgicalInstance
  • lxd: Fix typo in spelling of IsSameLogicalInstance
  • lxd/device/nic/routed: Specify zero broadcast address
  • test: Add test for routed NIC to ensure broadcast address isn't set by liblxc
  • lxd/init: Allow preseeding cluster_token
  • lxd/main: Replace cluster node with cluster member
  • lxd/device/device/utils/proxy: Improve error messages from ProxyParseAddr
  • lxd/device/proxy: Use validation helpers for clarity
  • lxd/device/proxy: Consistent error endings
  • lxd: Switch to new fsnotify
  • lxd/device/gpu_mdev: Switch to common UUID package
  • lxd/network/errors: ErrUnknownDriver comment ending
  • lxd/network/errors: Adds ErrNotImplemented error
  • lxd/project/permissions: Removes defaultRestrictionsValues and merges into allRestrictions
  • lxd/project/permissions: Add restricted.devices.{pci,proxy} defaulting to block
  • doc/projects: Adds restricted.devices.{pci,proxy} docs
  • lxd/api/project: Add restricted.devices.{pci,proxy} validation
  • scripts/bash/lxd-client: Adds restricted.devices.{pci,proxy} to bash completion
  • lad/project/permissions: Implement restricted.devices.{pci,proxy} restrictions
  • lxd/device/proxy: Don't allow NAT mode when used inside projects with networks feature
  • lxd/device/device/utils/network: Removes networkParsePortRange
  • lxd/network/network/utils: Adds ParsePortRange function
  • lxd/device/device/utils/proxy: network.ParsePortRange usage
  • global: Use shorter uuid generation syntax
  • lxd/init: Introduce --minimal
  • lxc: join tokens are removed by member name, not token
  • shared/validate: Fix IPv6 wildcard handling in IsListenAddress
  • lxd/device/gpu_mdev: Fix mdevUUID logic
  • lxd/response: Rework SmartError to handle wrapped errors from stdlib errors and github.com/pkg/errors
  • lxd/storage/pools: Use SmartError in storagePoolsPost
  • lxd/storage/pools/utils: Wrap errors in storagePoolDBCreate
  • lxd/db/transaction: Adds QueryScan helper function
  • test: Update tests with new error text
  • lxd/storage/backend/lxd: Allow removal of quota from VM filesystem volume if main quota is removed
  • lxd/storage/drivers/driver/btrfs/volumes: Add log for VM block file quota accounting in SetVolumeQuota
  • lxd/storage/drivers/driver/dir/volumes: Add log for VM block file quota accounting in SetVolumeQuota
  • lxd/storage/drivers/driver/btrfs/volumes: Consistently apply referenced limit only and remove exclusive limits in SetVolumeQuota
  • lxd/network/bridge: Comments
  • shared/validate: Add IsInRange
  • lxd/endpoints: Correct bad comment
  • lxd/endpoints: Rename serveHTTP to serve
  • lxd/network/network/utils: Check end port is higher than start port in ParsePortRange
  • lxd/network/network/utils: Adds SubnetContainsIP function
  • lxd/cluster/recover: add Recover
  • lxd/cluster/recover: add updateLocalAddress
  • shared/api/error: Adds StatusError type
  • lxd/response/smart: Updates SmartError to detect and use api.StatusError type errors
  • client/lxd: Updates lxdParseResponse to "interface smuggle" an api.StatusError type when getting an error response from API
  • lxd/storage/backend/lxd: Restore pool directory structure on mount if needed
  • test: Update container recovery tests to check for pool directory structure rebuild
  • lxd/db/db: add DqliteLatestSegment
  • lxd/main/cluster: add ClusterConfig and ToRaftNode
  • lxd/main/cluster: add 'lxd cluster edit' command
  • lxd/main/cluster: add validateNewConfig
  • test/suites/clustering: add test_clustering_edit_configuration
  • lxd/main/cluster: add 'lxd cluster show' command
  • lxd/rbac: Drop old API
  • lxd/api_1.0: Improve structure
  • lxd/daemon: Improve structure
  • gomod: Initial port
  • tests: Silence grep notices
  • doc/index: Clarify CRIU example
  • doc/index: Update for gomod
  • Makefile: Tweak PHONY targets
  • Makefile: Tweak static-analysis
  • Makefile: Switch to gomod
  • tests: Update for gomod
  • github: Update for gomod
  • gomod: Update dependencies
  • lxd/network/driver/common: Updates validate to use shared.IsUserConfig
  • Makefile: Cleanup if statements
  • Makefile: Add support for LXD_OFFLINE
  • client/util: Adds urlsToResourceNames function
  • client: Switch *Names functions to use urlsToResourceNames
  • doc/instances: Capitalize NIC
  • lxd/firewall/drivers/driver/consts: Adds AddressForward type
  • lxd/firewall/firewall/interface: Updates InstanceSetupProxyNAT to accept AddressForward
  • lxd/firewall/drivers/driver/xtables: Updates to support AddressForward
  • lxd/firewall/drivers/drivers/nftables: Updates to support AddressForward
  • lxd/firewall/drivers/drivers/nftables: Separate DNAT rules from SNAT rules in InstanceSetupProxyNAT
  • lxd/device/config/device/proxyaddress: Separate address and ports in ProxyAddress
  • lxd/device/device/utils/proxy: Updates ProxyParseAddr to support new ProxyAddress format
  • lxd/device/proxy: Updated to support firewallDrivers.AddressForward and ProxyAddress changes
  • lxd/main/forkproxy: Updates to support changed ProxyAddress
  • lxd/main/forkproxy/test: Updates tests to refect new ProxyAddress structure
  • Makefile: Use go env GOPATH command to get GOPATH rather than env var GOPATH
  • Makefile: Build lxd-generate directly to $(GOPATH)/bin/lxd-generate
  • lxd/db/generate/lex/parse: Remove github.com/pkg/errors dependency
  • lxd/db/generate/lex/parse: Updates Parse to take an absolute path to package directory
  • lxd/db/generate/lxd/parse/test: Updates TestParse
  • lxd/db/generate/db/parse: Updates Packages and defaultPackages to work relative to the LXD source tree
  • lxd: implement volume import/export for CephFS
  • lxd/main: Add setfattr to dependencies
  • lxc/info: Use local timezone
  • test/suites/clustering: use 'lxd cluster show' for tests
  • lxd/cluster/membership: make waitLeadership public
  • shared/api/error: Removes pointer receivers from StatusError functions
  • shared/api/error: Adds StatusErrorMatch helper function
  • lxd/response/smart: api.StatusErrorMatch usage in SmartError
  • Makefile: Set GO111MODULE=on for update-api
  • client/util: Update urlsToResourceNames to reduce allocations
  • lxd/network/network/utils: Adds ParseIPToNet and ParseIPCIDRToNet functions
  • shared/api/network/forward: Adds shared structs for network address forwards
  • doc/rest-api: Refresh swagger YAML
  • lxd/api/cluster: handover leadership when removing leader
  • test/suites/clustering: add test_clustering_remove_leader
  • lxd/util/sys: add ReplaceDaemon
  • lxd/api/cluster: replace daemon when disabling clustering
  • shared/api: Add Refresh to StorageVolumeSource
  • doc/rest-api: Refresh swagger YAML
  • client: Add Refresh flag to StoragePoolVolumeCopyArgs
  • lxd/storage: Improve errors
  • lxd/storage: Fix Refresh with CreateCustomVolumeFromMigration
  • doc/index: Update min packages required to operate LXD
  • doc/index: Add recommendation about min memory size needed
  • doc: Don't assume that Go's bin path is ~/go/bin
  • doc/requirements: Adds minimum memory requirements to build
  • lxd/util/net: add IsWildcardAddress
  • lxd/api/cluster: block core.https_address wildcard in cluster bootstrap
  • doc/clustering: add 'lxd cluster edit' documentation
  • lxd/endpoints/network: don't give up if no network listeners exist
  • lxd/endpoints/cluster: check for unset networkAddress before returning
  • lxd/endpoints/endpoints: fallback from network to cluster address
  • lxd/node/config: assign default port to listener addresses if none given
  • test/suites/clustering: expand tests to check listener addresses
  • lxc/main/aliases: Fix panic when empty argument passed to lxc command
  • test: Improve container devices proxy xtables tests
  • test: Fix tabbing in container devices proxy test
  • shared/api: Add Errors{Received,Sent} to network counters
  • shared/netutils: Fill Errors counters
  • doc: Update Rest API
  • test: Improve error checks for proxy device
  • lxd/firewall/drivers/drivers/nftables: Rework InstanceSetupProxyNAT to accomodate network forward support
  • lxd/firewall/drivers/drivers/xtables: Fix proxy NAT listen port in InstanceSetupProxyNAT
  • api: Add network_counters_errors extension
  • i18n: Update translation templates
  • lxd/device/proxy: Improve connect IP error messages
  • shared/api: Add PacketsDropped{Inbound,Outbound} to network counter
  • shared/netutils: Fill Dropped counters
  • doc: Update Rest API
  • api: Extend network_counters_errors API extension
  • lxd/device/proxy: Improve post-start error messages to include device name
  • Remove mkdocs.yml
  • .github/workflows: Update go versions
  • lxd/firewall/drivers/drivers/xtables: Updates iptablesClear to support removing rules by matching multiple comments
  • lxd/firewall/drivers/drivers/xtables: Adds iptablesCommentPrefix
  • lxc/copy: Don't allow --refresh and --no-profiles
  • i18n: Update translation templates
  • lxc/cluster: Comment improvement
  • lxd/api/cluster: Adds mutex to clusterNodesPost to prevent concurrent requests creating duplicates
  • lxd/util/net: Update CanonicalNetworkAddress to return canconical IP
  • lxd/util/net: Update IsAddressCovered to use net.IP when comparing IP equality
  • lxd/endpoints/cluster: Improve error message in ClusterUpdateAddress
  • lxd/endpoints/network: Improve error message in NetworkUpdateAddress
  • lxd/util/net: Improve comment in CanonicalNetworkAddress
  • lxd/main/init/interactive: Use util.CanonicalNetworkAddress in askClustering
  • lxd/main/init: Use util.CanonicalNetworkAddress when constructing address from join token
  • lxd/main/init: Ensure config.Cluster.ServerAddress and config.Cluster.ClusterAddress are in canonical form
  • lxd/endpoints/endpoints: require set network listener before checking coverage
  • test/suites/clustering: add enable clustering test on lxd reload
  • lxd/resources/network: send not-found error instead of internal error
  • shared/util: rename DefaultPort to HTTPSDefaultPort
  • lxd/util/net: specify default port to CanonicalNetworkAddress
  • lxd/util/net: specify default port to CanonicalNetworkAddressFromAddressAndPort
  • shared/util: add HTTPDefaultPort
  • lxd/endpoints/pprof: use HTTP port instead of HTTPS for debug address
  • lxd/node/config: Canonicalize core.debug_address
  • lxc: Fix aliases containing @ARGS@
  • doc/rest-api: Refresh swagger YAML
  • lxd/storage/driver/zfs: Fix ListVolumes with custom zpool
  • lxd/device/nic_bridged: Load network during validation
  • lxd/network/network/utils: Adds nicUsesNetwork function
  • lxd/network/driver/common: Moves externalSubnetUsage to common
  • lxd/network/network/utils: Adds BridgeNetfilterEnabled function
  • lxd/device/proxy: network.BridgeNetfilterEnabled usage
  • lxd/device/nic/bridged: network.BridgeNetfilterEnabled usage
  • lxd/network/network/utils: Exports NICUsesNetwork
  • lxd/device/nic/bridged: network.NICUsesNetwork usage in validate
  • lxd/db/raft: rename RemoteRaftNode to RemoveRaftNode
  • lxd/db/node/update: Add updateFromV41
  • lxd/db/node/schema: update schema
  • lxd/db/raft: add Name field to RaftNode
  • lxd/node/raft: use empty Name if not yet clustered
  • lxd/cluster: handle Name field for RaftNode
  • lxd/cluster/gateway: populate RaftNode Name from global database
  • lxd/api/cluster: add Name field to internalRaftNode struct
  • lxd/main/cluster: add name to 'lxd cluster show/edit'
  • lxd/test: add Name field to RaftNode tests
  • lxd/cluster/recover: append to patch.global.sql if exists
  • lxd/main/cluster: make segmentID a comment instead of struct field
  • doc/clustering: update 'lxd cluster edit' docs
  • lxd: Fix swagger definitions to avoid conflicts
  • doc/rest-api: Refresh swagger YAML
  • doc/instances: Clarify default CPU/RAM for VMs
  • lxd/network: Remove unused struct
  • lxd/networks: Handle stateful DHCPv6 leases
  • lxd/networks: Add EUI64 records to leases
  • lxd/device/nic: ensure instance device IP is different from parent network
  • lxd/daemon/storage: unmount all storage pools on shutdown
  • lxd/cluster/heartbeat: Adds Name field to APIHeartbeatMember
  • lxd/cluster/heartbeat: Preallocate raftNodeMap in Update
  • lxd/cluster/heartbeat: Populate Name in Update
  • lxd/cluster/gateway: Update currentRaftNodes to use a single query to get cluster member info
  • lxd/cluster/gateway: Preallocate raftNodes slice for efficiency
  • lxd/cluster/gateway: Do not query leader cluster DB to enrich raft member name in HandlerFuncs
  • lxd/cluster/recover: Preallocate nodes in Reconfigure
  • lxd/util: Respect modprobe configuration
  • shared/instance: don't allow 'limits.memory' to be 0
  • lxd/cgroup: Add GetMemoryStats
  • lxd/cgroup: Add GetIOStats
  • lxd/cgroup: Add GetCPUAcctUsageAll
  • lxd/cgroup: Add GetTotalProcesses
  • lxd/response: Add SyncResponsePlain
  • lxd/storage/filesystem: Add FSTypeToName
  • test: Remove restart tests that don't use --force
  • lxd/daemon/storage: Skip unmounting LVM pools in daemonStorageUnmount
  • lxc/config_trust: Support stdin and allow name override
  • i18n: Update translation templates
  • lxc: Cleanup LXD client imports
  • lxd: Cleanup LXD client imports
  • lxc-to-lxd: Cleanup LXD client imports
  • doc: update link to rest-api.yaml
  • Typo
  • lxd/instance: Fix response for patch
  • swagger: Fix return code for operations
  • doc/rest-api: Refresh swagger YAML
  • lxd/endpoints/network: Specify protocol version for 0.0.0.0 address
  • doc: Document recently added architectures
  • seccomp: Add riscv64 syscall mappings
  • shared/api: Add CertificateTypeMetrics
  • lxd/daemon/storage: Renames daemonStorageUnmount to daemonStorageVolumesUnmount
  • lxd/daemon: Rename numRunningContainers numRunningInstances
  • Fix documented HTTP return code in console POST
  • doc/rest-api: Refresh swagger YAML
  • lxd/main/daemon: Rework cmdDaemon shutdown process
  • lxd/storage/drivers/driver/lvm: Fix Unmount to be more reliable
  • lxd/storage/drivers/driver/lvm: Fix Mount to be more reliable
  • lxd/main/daemon: Removes LVM shutdown unmount workaround
  • doc/rest-api: Add missing entry for 112 (error)
  • lxd/instance/drivers: Move raw.lxc config load to separate function
  • lxd/instance/drivers: Fix raw.lxc handling for shutdown/stop
  • lxd/storage/filesystem: Removes duplicated constants from unix package
  • lxd/storage/filesystem/fs: Removes duplicated constants from unix package
  • lxd/storage/filesystem/fs: Update FSTypeToName to work on 32bit platforms
  • lxd/storage/drivers/driver/lvm: Skip unmount
  • lxd/cgroup: Implement CPU usage for cgroup v2
  • shared/json: Removes DebugJson from shared
  • lxd/cgroup: Fix logging in cgroup init
  • lxd/util/http: Adds DebugJSON function
  • lxd/util/http: Adds debugLogger arg to WriteJSON
  • lxd/main: Set response debug mode based on --debug flag
  • lxd/response/response: Reworks syncResponse to use util.WriteJSON
  • lxd/response/response: Adds util.DebugJSON support to errorResponse
  • lxd/operations/response: Adds util.WriteJSON support to operationResponse
  • lxd/operations/response: Adds util.WriteJSON support to forwardedOperationResponse
  • lxd/endpoints/endpoints/test: util.WriteJSON usage
  • lxd/cluster/notify/test: util.WriteJSON usage
  • lxd/devlxd: Adds util.WriteJSON support to hoistReq
  • lxd-agent/devlxd: Add util.WriteJSON support to hoistReq
  • lxd-agent/server: util.DebugJSON usage
  • lxd/daemon: Clearer logging of API requests in createCmd
  • lxd/daemon: util.DebugJSON usage in createCmd
  • lxd/cluster/gateway: util.WriteJSON usage
  • lxd/response/response: Use api.ResponseRaw in error response
  • client/lxd/network/forward: Adds network forwards functions
  • client/interfaces: Corrects typo in GetNetworkForward
  • lxd/instances: containerStopList -> instanceStopList
  • lxd/instances: Handle VMs in instancesOnDisk
  • lxd/instances: s/containers/instances/
  • lxd/instances: Rename old container variables
  • lxd/instances: Check DB before calling VolatileSet
  • lxd/util: Handle ':8443' syntax in ListenAddresses
  • lxd/util/http: Improve comment on ListenAddresses
  • lxd/util/http: Improve argument name in configListenAddress
  • lxd/util/http: Use net.JoinHostPort in ListenAddresses rather than wrapping IPv6 addresses in []
  • lxd/util/http: Improve ListenAddresses by breaking the parsing into phases
  • lxd/util/http/test: Adds ExampleListenAddresses function
  • shared/api/url: Adds URL builder type and functions
  • lxd/network/network/utils: Updates UsedBy to use api.URLBuild
  • lxc/file: use flagMkdir to create dirs on lxc pull
  • lxc/file: add DirMode constant for 'lxc file'
  • lxd/api/cluster: only change member role from leader
  • test/suites/clustering: wait for node shutdown to propagate to members
  • lxd/storage/drivers: Support generic custom block volume backup/restore
  • lxd/storage/drivers/zfs: Drop restriction on custom block volume backup/restore
  • lxd/storage/drivers/btrfs: Drop restriction on custom block volume backup/restore
  • lxd/main/shutdown: Updates cmdShutdown to handle /internal/shutdown being synchronous
  • lxd/api/internal: Updates shutdown request to wait for d.shutdownDoneCtx
  • lxd/main/daemon: Call d.shutdownDoneCancel when daemon function ends
  • lxd/daemon: Adds shutdownDoneCtx context to indicate shutdown has finished
  • lxd: d.shutdownCtx usage
  • lxd/main/daemon: d.shutdownCancel usage in daemon function
  • lxc/config_trust: Delete only works on fingerprints
  • i18n: Update translation templates
  • test: Log PID of process being killed
  • test: Require node removal to succeed in test_clustering_remove_leader
  • lxd/storage/drivers: Checks that mount refCount is zero in all drivers
  • lxd/storage/drivers/driver/cephfs/volumes: Adds mount ref counting
  • lxd/device/disk: Use errors.Is() when checking for storageDrivers.ErrInUse in Update
  • lxd/device/disk: Ignore storageDrivers.ErrInUse error from pool.UnmountCustomVolume in postStop
  • lxd/storage/drivers: Log volName in UnmountVolume
  • lxd: add core scheduling support
  • lxd/response/response: Adds manualResponse type
  • lxd/api/cluster: Removes arbitrary 3s wait in clusterPutDisable which was causing test issues
  • test: Wait for daemons to exit in test_clustering_remove_leader
  • lxd/api/cluster: Add logging to clusterPutDisable
  • test: Detect if clustering network needs removing
  • lxd/qemu: Disable large decrementor on ppc64le
  • lxd/daemon: Reworks shutdown sequence
  • lxd/daemon: Reworks Stop
  • lxd/api/cluster: d.shutdownCtx.Err usage
  • lxd/api/internal: d.shutdownCtx.Err usage
  • lxd: daemon.Stop usage
  • lxd/operations: Updates waitForOperations to accept context
  • lxd/main/shutdown: Require valid response from /internal/shutdown in cmdShutdown
  • lxd: db.OpenCluster usage
  • lxd/cluster/membership: Update notifyNodesUpdate to wait until all heartbeats have been sent
  • lxd/db/db: Replace clusterMu and closing with closingCtx in OpenCluster
  • lxd/api/cluster: Improves logging
  • lxd/api/internal: Rework internalShutdown to return valid response as LXD is shutdown
  • lxd/daemon: db.OpenCluster usage in init
  • lxd/daemon: Improved logging and error handling in init
  • lxd/main/daemon: Reworks cmdDaemon to use d.shutdownDoneCh and call d.Stop()
  • test: Increase timeouts on ping tests
  • lxd/daemon: Adds daemon started log
  • lxd/daemon: Whitespace in NodeRefreshTask
  • lxd/api/cluster: Improve logging in handoverMemberRole
  • lxd/api/cluster: Adds cluster logging
  • test: Addition test logging
  • lxd/cluster/membership: Improve logging in Rebalance
  • lxd/daemon: Stop clustering tasks during Stop
  • lxd/api/cluster: Improve logging in clusterNodeDelete
  • test: Try and kill LXD daemon that fails to start
  • lxd/dameon: Removes unnecessary go routines in NodeRefreshTask
  • lxd/db/db: Use db.PingContext in OpenCluster
  • lxd/db/db: Rework logging and error handling in OpenCluster
  • lxc/file: Fix file push help message
  • lxd/storage/drivers: Handle symlinks when walking file tree
  • i18n: Update translation templates
  • lxd/cgroup: Fix GetIOStats on cgroup2
  • lxd/endpoints/network/test: Test tcp4 interface and request via IPv6
  • lxd/endpoints/network/test: Test tcp4 connection with configured 0.0.0.0 network address
  • gomod: Update dependencies
  • lxd/checkfeature: check whether the kernel supports core scheduling
  • lxd/daemon: Fix crash on lxd start when another lxd already running
  • lxd/daemon: Don't fail shutdown if fail to close cluster DB
  • lxd/daemon: Don't use Infof and Errorf
  • lxd/instance/operationalock: Change lock from using instance ID to use project and instace name
  • lxd/instance/operationalock: Use %q for error quoting
  • lxd/instance/operationlock: Get lock after checking for non-nil operation
  • lxd/instance/drivers/driver/common: operationlock usage
  • lxd/instance/drivers/driver/lxc: operationlock usage
  • lxd/instance/drivers/driver/qemu: operationlock usage
  • lxd/instance/instance/utils: operationlock usage
  • test: Kill LXD process if doesn't start in time
  • lxd/main/shutdown: Fix shutdown regression when running in snap
  • lxc: suggest 20.04 as the first container to launch instead of 18.04
  • lxc: switch from 18.04 to 20.04 for examples of Ubuntu instances
  • i18n: Update translation templates
  • lxc: update wording when a cert is successfully trusted by a remote
  • i18n: Update translation templates
  • shared/api/network/forward: Fix api extension references
  • lxd/cluster: Drop unused import
  • lxd/certificates: remove explicit calls to UpdateCertificateProjects
  • lxd/db/generate/db/method: fill entity id association tables on create/update
  • lxd/db/certificates.mapper: update generated code
  • lxd/backup/backup/config: Adds ToInstanceDBArgs function
  • lxd/instance/instance/utils: Adds LoadFromBackup function
  • lxd/project/project: Update comment of InstanceParts
  • lxd/instances: Reworks instancesOnDisk to return slice of instance.Instance
  • lxd/instances: Updates instancesShutdown to use instancesOnDisk
  • lxd/patches: Updates patchUpdateFromV11 and patchUpdateFromV15 to use instancesOnDisk
  • lxd/api/internal: Use backupConf.ToInstanceDBArgs in internalImportFromBackup
  • lxd/api/internal/recover: Updates internalRecoverImportInstance to use backupConf.ToInstanceDBArgs
  • lxd/instances: Don't clear last power state of all instances in a cluster in instancesShutdown
  • lxd/db/instances: Removes ResetInstancesPowerState function
  • lxd/instances: Move shutdown timeout logic into per-instance go routine in instancesShutdown
  • lxd/instances: Reworks instancesShutdown to handle and log shutdown failures by forcefully stopping
  • lxd/instances: Updates instancesShutdown to accept a slice of instances
  • lxd/instances: Renames containerAutostartList to instanceAutostartList
  • lxd/instances: Renames instancesRestart to instancesStart
  • lxd/daemon: Updates init to use instancesStop and instancesStart with preloaded container list
  • lxd/daemon: Updates Ready to use updated instancesStart
  • lxd/certificates: Update for stable-4.0
  • lxd/daemon: Updates Stop to load instances once
  • lxd/daemon: Updates numRunningInstances to accept a list of instances to check
  • shared/osarch/architectures: Use ARCH_UNKNOWN rather than 0 in ArchitectureId
  • lxd/db/instances: Removes UpdateInstancePowerState function
  • lxd/instance/drivers/driver/common: Adds recordLastState function
  • lxd/instance/drivers: Use d.VolatileSet in onStop hook to record last power state
  • lxd/instance/drivers: d.recordLastState usage
  • lxd/instances/drivers: Call d.UpdateBackupFile just before starting instance process
  • lxd/daemon: Close global database after query failure in Stop
  • lxd/daemon: Use consistent terminology of global rather than remote database in Stop
  • lxd/api/internal: Update internalContainerHookLoadFromReference to try and load instance from backup if DB not available
  • lxd/instance/drivers/driver/qemu: Update getMonitorEventHandler to try and load instance from backup if DB not available
  • lxd/storage/drivers/driver/zfs/volumes: Log dev path in UnmountVolume
  • lxd/migration: Update protobuf config
  • lxd/migration: Update generated protobuf
  • lxd/apparmor: Allow remount using noatime
  • lxd/apparmor: remove mount options alternations
  • lxd/apparmor: remove another mount options alternations
  • lxd/apparmor: remove spaces between mount options for consistency
  • lxd/apparmor: remove duplicated mount rules (ro,remount,bind)
  • lxd/api/cluster: Fail on no leader in internalClusterPostHandover
  • lxd/instance: Fix image download race condition in instanceCreateFromImage
  • lxd/api/cluster: Fail on no leader in handoverMemberRole
  • lxd/cluster/gateway: Log partial and initial heartbeat as info
  • test: Adds better logging and removes handover sleeps in test_clustering_handover
  • lxd/cluster/heartbeat: No need to log heartbeat restart
  • test: Actually ensure cluster DB isn't reachable after its lost quorum in test_clustering_shutdown_nodes
  • test: Use timeouts in kill_lxd
  • lxd/storage/drivers/driver/zfs/volumes: Use normal mount rather than zfs mount
  • tests: add missing --force-local to lxc stop
  • tests: use CSV format and column filtering where applicable
  • tests: use CSV format and column filtering to find the name of the newly created instance
  • tests: use grep -F when the match pattern contains regex/wildcard
  • lxd/instance/operationlock: Adds TimeoutSeconds constant
  • lxd/instance/drivers/driver/common: Error quoting in onStopOperationSetup
  • lxd/instance/drivers/driver/qemu: Updates onStop to be more like lxc driver
  • test: Don't use pid files in test_clustering_shutdown_nodes
  • tests: Unify how the instance's PID is looked up
  • tests: replace grep | cut by awk
  • lxd/sys/os: reorder kernel features
  • os: add separate entries for pure core scheduling kernel feature and container support
  • lxd: support core scheduling for virtual machines
  • lxd/instance/drivers/driver/qemu: Improve comments in Shutdown
  • lxd/instance/operationlock: Add ErrNonReusuableSucceeded error and Action type and action constants
  • lxd/instance/operationlock: Reworks Create to use Action type
  • lxd/instance/operationlock: Reworks CreateWaitGet
  • lxd/instance/drivers/driver/common: operationlock.Action usage
  • lxd/instance/drivers/driver/lxc: operationlock.CreateWaitGet and operationlock.Create usage
  • lxd/instance/drivers/driver/qemu: operationlock.CreateWaitGet and operationlock.Create usage
  • lxd/instance/drivers/driver/qemu: Add comment in Stop about operation lock
  • lxd/instance/drivers/driver/qemu: Keep operation alive in Shutdown
  • lxd/instance/drivers/driver/lxc: Keep operation alive in Shutdown
  • lxd/network: Move Leases to network package
  • lxd: support core scheduling for container even without LXC library support
  • lxd/daemon: Updates NodeRefreshTask to accept an isLeader and unavailableMembers argument
  • lxd/api/cluster: Improves logging in internalClusterPostHandover
  • lxd/cluster/gateway: Adds shutdownCtx to NewGateway and return 503 in heartbeat if shutting down
  • lxd/storage/drivers/driver/zfs/volumes: Set mountpoint=none for filesystem volumes
  • lxd/storage/drivers/driver/zfs/patches: Update patches to set mountpoint=none
  • lxd/cluster/gateway: Adds HeartbeatHook type
  • lxd/cluster/gateway: Reject heartbeat if shutting down
  • lxd/cluster/gateway: Rework HandlerFuncs heartbeat handling
  • lxd/cluster/heartbeat: Update heartbeatRestart to return bool if heartbeat restarted
  • lxd/cluster/heartbeat: Pass non-updated heartbeat members as unavailable to heartbeat refresh task in heartbeat
  • lxd/cluster/membership: Add logging to notifyNodesUpdate
  • lxd/cluster/membership: Improve logging in Assign
  • lxd/cluster/membership: Adds unavailableMembers support to Rebalance and newRolesChanges
  • lxd/api/cluster: Adds unavailableMembers support to rebalanceMemberRoles
  • lxd/api/cluster: Improve logging in rebalanceMemberRoles
  • lxd/cluster/gateway/test: cluster.NewGateway usage
  • lxd/cluster/gateway: Remove unnecessary logging
  • lxd/cluster/gateway: Don't stop enrichhing raft nodes if one member name not found in currentRaftNodes
  • test: Reduce sleeps and offline threshold in clustering tests to speed them up
  • shared/api/error: Improve argument name in StatusErrorMatch
  • shared/api/error: Adds StatusErrorCheck helper function
  • lxd/instance/drivers/driver/lxc: Fix restart locking
  • lxd/cluster/heartbeat: Use api.StatusErrorf in error returned from HeartbeatNode
  • test: Improve test_clustering_remove_raft_node reliability
  • lxd/storage/drivers/volume: Adds IsCustomBlock function
  • lxd/storage/drivers/generic/vfs: Fixes regression in genericVFSBackupUnpack for VM config volume import
  • lxd/db/networks: Reworks GetNetworkInAnyState and its ilk to split the functionality out into separate functions
  • lxd/networks: Use api.StatusErrorCheck to check for not found error from d.cluster.GetNetworkInAnyState
  • lxd/network/network/utils: Removes unnecessary DB lookup via NICType function in isInUseByDevice
  • lxd/network/network/utils: Updates UsedBy to use usedByInstanceDevices
  • lxd/network/network/utils: Updates usedByInstanceDevices to use updated isInUseByDevice
  • lxd/network/network/utils: Updates isInUseByProfile to use updated isInUseByDevice
  • lxd/network/network/utils: Renames isInUseByProfile to usedByProfileDevices
  • test: Fix test_clustering_shutdown_nodes tests to check for case insensitive PID info field
  • lxd/db/networks: Fixes getStoragePool to support NULL description fields
  • api: Add image_source_project extension
  • shared/api: Add Project to ImagesPostSource
  • client: Support source project in image copies
  • lxd: Support source project in image copies
  • lxc/image: Support source project in image copies
  • doc/rest-api: Refresh swagger YAML
  • lxd/db/config: rename UpdateConfig to UpdateClusterConfig
  • lxd/db/generate/lex/form: smarter pluralize function
  • lxd/db/generate/db/method: fix stmt type for generating URIs
  • lxd/db/generate/db/parse: check stmt and method for omitting fields
  • lxd/db/generate/db/mapping: pass table name to FieldColumnName
  • lxd/db/generate/db/stmt: pass variable name to register function
  • lxd/db/operations.mapper: remove ProjectID omission from operations
  • lxd/instance/drivers/qmp/monitor: Update run to accept an interace{} for args and JSON encode internally
  • lxd/instance/drivers/qmp/monitor: m.run usage
  • lxd/instance/drivers/qmp/commands: m.run usage
  • lxd/instance/drivers/qemu: Adds workaround for QEMU 6.x regression in handling memory object host-nodes setting
  • lxd/device: Make sure vfio-pci is loaded
  • lxc/cluster: Add --yes to remove
  • tests: Update for change to cluster remove
  • shared/api/cluster: add Config to ClusterMemberPut
  • doc/rest-api: Refresh swagger YAML
  • lxd/db/config.mapper: placeholder config methods
  • lxd: Add fsmonitor package
  • lxd/state: Add DevMonitor to state
  • lxd: Initialize DevMonitor in daemon
  • lxd/device: Switch to DevMonitor
  • lxd/device: Check prefix path in source
  • lxd/device: Remove old inotify code
  • test/suites: Add fsmonitor to static analysis
  • lxd/api/cluster: fix comment on clusterGet clusterPut
  • test: Set LXD_DEVMONITOR_DIR
  • doc/environment: Add LXD_DEVMONITOR_DIR
  • shared/api/network/peer: Adds network peering API types
  • client/interfaces: Adds network peer management function definitions
  • client/lxd/network/peer: Adds network peer management client functions
  • lxd/network/driver/bridge: Fix leases
  • lxd-p2c: Allow passing existing certificate
  • client/connection: Typo in ConnectLXD
  • lxd/instance/post: Improve error in instancePostClusteringMigrate
  • doc/rest-api: Refresh swagger YAML
  • lxd/instance/post: Refactor how backward compat handling of Live field in instancePost
  • lxd/instance/post: Error quoting
  • process_utils: move wait_for_pid_status_nointr() to common code
  • lxd: consolidate functions into common header
  • lxd: make C functions static
  • lxd: add config.h for common options
  • doc: Drop part about building LXC
  • doc: Add bind9-dnsutils to testsuite requirements
  • lxd: use argument struct for manip_file_in_ns()
  • forkfile: small coding style fixes
  • forkfile: decrease indendation level
  • lxd/fsmonitor/drivers: Add missing FAN_MARK_FILESYSTEM
  • doc/enviroment: Clarify that LXD_DEVMONITOR_DIR is for testing
  • lxd/fsmonitor: Ensure path is a mountpoint
  • test: Use mountpoint for test devices

Try it for yourself

Try the latest LXD release on our demo service.

Downloads

The release tarballs can be found on our download page.

Binary builds are also available for:

  • Linux: snap install lxd
  • MacOS: brew install lxc
  • Windows: choco install lxc

LXD 4.19 has been released

1st of October 2021

Introduction

The LXD team is very excited to announce the release of LXD 4.19!

This is a release that's very busy on the bugfixing front with a lot of improvements around clustering, including improved shutdown logic, easier disaster recovery, improved logging and better handling of a variety of network setups.

There are also a number of fixes and minor improvements to the recently added network forwards feature, now properly integrating with BGP and a new lxc network forward get command.

The headline feature for this release is the addition of instance metrics, effectively a new endpoint (/1.0/metrics) which exposes a text OpenMetrics endpoint suitable for scraping with tool like Prometheus.

Enjoy!

New features and highlights

Instance metrics

A frequent request over the years has been for a better way to track instance resource usage. This becomes particularly critical on busy systems with many projects or even multiple clustered servers.

To handle this, LXD 4.19 introduces a new /1.0/metrics API endpoint which provides a text OpenMetric endpoint suitable for use with Prometheus and similar tools.

As it stands it provides a variety of metrics related to:
- CPU
- Memory
- Disk
- Network
- Processes

In general, we've tried to keep the metric names aligned with those of node-exporter which should then make adapting existing dashboards and tooling pretty easy.

The endpoint is always available to authenticated users but can also be configured to listen to an additional address with core.metrics_address as well as adding additional trusted certificates which will be restricted only to the metrics interface (lxc config trust add --type metrics).

Example output at: https://gist.github.com/stgraber/ab7f204fb4bf53dbe134f6460bf41470

Specification: https://discuss.linuxcontainers.org/t/lxd-metric-exporter-for-instances/11735
Documentation: https://linuxcontainers.org/lxd/docs/master/metrics

Reworked output for lxc cluster list

The lxc cluster list output was changed from just showing a boolean YES/NO in a database column to instead showing a text list of roles.

Currently the roles are database or database-standby but more will be added in the future. This makes it easier to understand exactly what each clustered server is doing.

stgraber@dakara:~$ lxc cluster list s-dcmtl-cluster:
+---------+-------------------------------------+----------+--------------+----------------+----------------------+--------+-------------------+
|  NAME   |                 URL                 |  ROLES   | ARCHITECTURE | FAILURE DOMAIN |     DESCRIPTION      | STATE  |      MESSAGE      |
+---------+-------------------------------------+----------+--------------+----------------+----------------------+--------+-------------------+
| abydos  | https://[2602:fd23:8:200::100]:8443 | database | x86_64       | default        | HIVE - top server    | ONLINE | Fully operational |
+---------+-------------------------------------+----------+--------------+----------------+----------------------+--------+-------------------+
| langara | https://[2602:fd23:8:200::101]:8443 | database | x86_64       | default        | HIVE - middle server | ONLINE | Fully operational |
+---------+-------------------------------------+----------+--------------+----------------+----------------------+--------+-------------------+
| orilla  | https://[2602:fd23:8:200::102]:8443 | database | x86_64       | default        | HIVE - bottom server | ONLINE | Fully operational |
+---------+-------------------------------------+----------+--------------+----------------+----------------------+--------+-------------------+

Export of block custom storage volumes

It's now possible to export block custom storage volumes using lxc storage volume export just as it is for filesystem volumes.

Note however that block custom storage volumes tend to end up being significantly larger than the filesystem ones and so can take quite a bit of resources to export and import.

Complete changelog

Here is a complete list of all changes in this release:

Full commit list
  • lxd/util/net: Update CanonicalNetworkAddress to return canconical IP
  • lxd/util/net: Update IsAddressCovered to use net.IP when comparing IP equality
  • lxd/endpoints/cluster: Improve error message in ClusterUpdateAddress
  • lxd/endpoints/network: Improve error message in NetworkUpdateAddress
  • lxd/util/net: Improve comment in CanonicalNetworkAddress
  • lxd/main/init/interactive: Use util.CanonicalNetworkAddress in askClustering
  • lxd/main/init: Use util.CanonicalNetworkAddress when constructing address from join token
  • lxd/main/init: Ensure config.Cluster.ServerAddress and config.Cluster.ClusterAddress are in canonical form
  • doc: Adds network forwards to left hand nav
  • doc/server: Fix incorrect default for routerid
  • lxd/endpoints/endpoints: require set network listener before checking coverage
  • test/suites/clustering: add enable clustering test on lxd reload
  • lxd/resources/network: send not-found error instead of internal error
  • shared/util: rename DefaultPort to HTTPSDefaultPort
  • lxd/util/net: specify default port to CanonicalNetworkAddress
  • lxd/util/net: specify default port to CanonicalNetworkAddressFromAddressAndPort
  • shared/util: add HTTPDefaultPort
  • lxd/endpoints/pprof: use HTTP port instead of HTTPS for debug address
  • lxd/node/config: Canonicalize core.debug_address
  • lxd/daemon: Move ahead startTime
  • lxd/warnings: Add ResolveWarningsOlderThan
  • lxd/daemon: Resolve warnings earlier than startTime
  • lxc: Fix aliases containing @ARGS@
  • lxd/db/raft: rename RemoteRaftNode to RemoveRaftNode
  • lxd/db/node/update: Add updateFromV41
  • lxd/db/node/schema: update schema
  • lxd/db/raft: add Name field to RaftNode
  • lxd/storage/driver/zfs: Fix ListVolumes with custom zpool
  • lxd/node/raft: use empty Name if not yet clustered
  • lxd/cluster: handle Name field for RaftNode
  • lxd/cluster/gateway: populate RaftNode Name from global database
  • lxd/api/cluster: add Name field to internalRaftNode struct
  • lxd/main/cluster: add name to 'lxd cluster show/edit'
  • lxd/test: add Name field to RaftNode tests
  • lxd/cluster/recover: append to patch.global.sql if exists
  • lxd/main/cluster: make segmentID a comment instead of struct field
  • doc/clustering: update 'lxd cluster edit' docs
  • lxd: Fix swagger definitions to avoid conflicts
  • doc/rest-api: Refresh swagger YAML
  • doc/instances: Clarify default CPU/RAM for VMs
  • lxd/networks: Handle stateful DHCPv6 leases
  • lxd/networks: Add EUI64 records to leases
  • lxd/device/nic: ensure instance device IP is different from parent network
  • lxd/network/driver/common: Adds bgpNextHopAddress function
  • lxd/network/driver/common: Reduce duplication of logic in bgpSetupPrefixes and uses bgpNextHopAddress
  • lxd/network/driver/common: Removes unnecessary function n.bgpClearPrefixes
  • lxd/network/driver/common: Improve errors in bgpSetup
  • lxd/network/driver/common: Clear address forward BGP prefixes in bgpClear
  • lxd/network/driver/bridge: Setup BGP prefix export in forwardsSetup
  • lxd/daemon/storage: unmount all storage pools on shutdown
  • lxd/project: Change restrictions check function in CheckClusterTargetRestriction
  • lxd/network/network/interface: Adds clientType arg to Forward management functions
  • lxd/network/driver: Add clientType to Forward management functions
  • lxd/network/driver/common: Remove empty newline
  • lxd/network/forwards: Pass clientType into Forward management functions
  • lxd/network/driver/ovn: Update Forward management functions to only apply changes for ClientTypeNormal requests
  • lxd/network/forwards: Removes duplicate record check from networkForwardsPost
  • lxd/network/driver: Moves duplicate forward record check into drivers
  • lxd/network/driver/ovn: Adds cluster member notification to Forward management functions
  • lxd/network/driver/ovn: Refresh BGP prefixes on Forward management
  • lxd/network/driver/common: Include exporting forward addresses in bgpSetup
  • lxd/network/driver/bridge: Remove BGP forward address refresh from forwardSetup
  • lxd/network/driver/bridge: Rename forwardsSetup to forwardSetupFirewall
  • test: Adds BGP prefix export checks to forward tests
  • lxd/cluster/heartbeat: Adds Name field to APIHeartbeatMember
  • lxd/cluster/heartbeat: Preallocate raftNodeMap in Update
  • lxd/cluster/heartbeat: Populate Name in Update
  • lxd/cluster/gateway: Update currentRaftNodes to use a single query to get cluster member info
  • lxd/cluster/gateway: Preallocate raftNodes slice for efficiency
  • lxd/cluster/gateway: Do not query leader cluster DB to enrich raft member name in HandlerFuncs
  • lxd/cluster/recover: Preallocate nodes in Reconfigure
  • lxd/util: Respect modprobe configuration
  • shared/instance: don't allow 'limits.memory' to be 0
  • lxd/cgroup: Add GetMemoryStats
  • lxd/cgroup: Add GetIOStats
  • lxd/cgroup: Add GetCPUAcctUsageAll
  • lxd/cgroup: Add GetTotalProcesses
  • lxd/response: Add SyncResponsePlain
  • lxd/storage/filesystem: Add FSTypeToName
  • lxd/network/openvswitch/ovn: Work around a bug in lr-nat-del in ovn-nbctl in LogicalRouterDNATSNATAdd
  • shared/api/network/forward: Fix api extension references
  • lxd/network/forwards: Use consistent terminology in network address forward swagger comments
  • doc/rest-api: Refresh swagger YAML
  • test: Remove restart tests that don't use --force
  • lxd/daemon/storage: Skip unmounting LVM pools in daemonStorageUnmount
  • lxc: Cleanup LXD client imports
  • lxd: Cleanup LXD client imports
  • lxc-to-lxd: Cleanup LXD client imports
  • lxc/cluster: Show roles instead of database column
  • tests: Support for showing roles by
  • i18n: Update translation templates
  • doc: update link to rest-api.yaml
  • Typo
  • lxd/device/tpm: Require path only for containers
  • lxd/instance: Fix response for patch
  • swagger: Fix return code for operations
  • doc/rest-api: Refresh swagger YAML
  • lxd/endpoints/network: Specify protocol version for 0.0.0.0 address
  • doc: Document recently added architectures
  • seccomp: Add riscv64 syscall mappings
  • shared/api: Add CertificateTypeMetrics
  • lxd/db: Add CertificateTypeMetrics
  • lxd: Check metrics certificates
  • lxc/config_trust: Allow adding metrics certificates
  • lxd/metrics: Add API types
  • lxd/metrics: Add types
  • lxd/metrics: Add helper functions
  • lxd: Add metrics related fields to daemon
  • lxd: Add /1.0/metrics endpoint
  • lxd/instance/drivers: Add Metrics function
  • lxd-agent: Add metrics endpoint
  • api: Add metrics API extension
  • i18n: Update translation templates
  • doc/rest-api: Refresh swagger YAML
  • doc: Add metrics.md
  • doc: Mention core.metrics_address
  • test/suites: Add lxd/metrics to static analysis
  • shared/util: Add HTTPSMetricsDefaultPort
  • lxd/node: Add core.metrics_address config key
  • lxd/endpoints: Add metrics endpoint
  • lxd: Handle metrics server
  • test: Add metrics test
  • lxd/daemon/storage: Renames daemonStorageUnmount to daemonStorageVolumesUnmount
  • lxd/daemon: Rename numRunningContainers numRunningInstances
  • Fix documented HTTP return code in console POST
  • doc/rest-api: Refresh swagger YAML
  • lxd/main/daemon: Rework cmdDaemon shutdown process
  • lxd/storage/drivers/driver/lvm: Fix Unmount to be more reliable
  • lxd/storage/drivers/driver/lvm: Fix Mount to be more reliable
  • lxd/main/daemon: Removes LVM shutdown unmount workaround
  • doc/rest-api: Add missing entry for 112 (error)
  • lxd/instance/drivers: Move raw.lxc config load to separate function
  • lxd/instance/drivers: Fix raw.lxc handling for shutdown/stop
  • lxd/storage/filesystem: Removes duplicated constants from unix package
  • lxd/storage/filesystem/fs: Removes duplicated constants from unix package
  • lxd/storage/filesystem/fs: Update FSTypeToName to work on 32bit platforms
  • lxd/instance/drivers/driver/lxc: filesystem.FSTypeToName usage
  • lxd-agent/metrics: filesystem.FSTypeToName usage
  • lxd/storage/drivers/driver/lvm: Skip unmount
  • lxd/cgroup: Implement CPU usage for cgroup v2
  • shared/json: Removes DebugJson from shared
  • lxd/cgroup: Fix logging in cgroup init
  • lxd/util/http: Adds DebugJSON function
  • lxd/util/http: Adds debugLogger arg to WriteJSON
  • lxd/main: Set response debug mode based on --debug flag
  • lxd/response/response: Reworks syncResponse to use util.WriteJSON
  • lxd/response/response: Adds util.DebugJSON support to errorResponse
  • lxd/operations/response: Adds util.WriteJSON support to operationResponse
  • lxd/operations/response: Adds util.WriteJSON support to forwardedOperationResponse
  • lxd/endpoints/endpoints/test: util.WriteJSON usage
  • lxd/cluster/notify/test: util.WriteJSON usage
  • lxd/devlxd: Adds util.WriteJSON support to hoistReq
  • lxd-agent/devlxd: Add util.WriteJSON support to hoistReq
  • lxd-agent/server: util.DebugJSON usage
  • lxd/daemon: Clearer logging of API requests in createCmd
  • lxd/daemon: util.DebugJSON usage in createCmd
  • lxd/cluster/gateway: util.WriteJSON usage
  • lxd/response/response: Use api.ResponseRaw in error response
  • client/interfaces: Corrects typo in GetNetworkForward
  • lxd/db/network/forwards: Fix error handling in GetNetworkForward
  • lxd/instances: containerStopList -> instanceStopList
  • lxd/instances: Handle VMs in instancesOnDisk
  • lxd/instances: s/containers/instances/
  • lxd/instances: Rename old container variables
  • lxd/instances: Check DB before calling VolatileSet
  • lxc/network/forward: Add lxc network forward get command
  • i18n: Update translation templates
  • lxd/util: Handle ':8443' syntax in ListenAddresses
  • lxd/util/http: Improve comment on ListenAddresses
  • lxd/util/http: Improve argument name in configListenAddress
  • lxd/util/http: Use net.JoinHostPort in ListenAddresses rather than wrapping IPv6 addresses in []
  • lxd/util/http: Improve ListenAddresses by breaking the parsing into phases
  • lxd/util/http/test: Adds ExampleListenAddresses function
  • lxd: Remove public facing errors that mention cluster "node"
  • shared/api/url: Adds URL builder type and functions
  • lxd/network/network/utils: Updates UsedBy to use api.URLBuild
  • doc/metrics: typo fix
  • lxc/file: use flagMkdir to create dirs on lxc pull
  • lxc/file: add DirMode constant for 'lxc file'
  • lxd/api/cluster: only change member role from leader
  • test/suites/clustering: wait for node shutdown to propagate to members
  • lxd/storage/drivers: Support generic custom block volume backup/restore
  • lxd/storage/drivers/zfs: Drop restriction on custom block volume backup/restore
  • lxd/storage/drivers/btrfs: Drop restriction on custom block volume backup/restore
  • lxd/main/shutdown: Updates cmdShutdown to handle /internal/shutdown being synchronous
  • lxd/api/internal: Updates shutdown request to wait for d.shutdownDoneCtx
  • lxd/main/daemon: Call d.shutdownDoneCancel when daemon function ends
  • lxd/daemon: Adds shutdownDoneCtx context to indicate shutdown has finished
  • lxd: d.shutdownCtx usage
  • lxd/main/daemon: d.shutdownCancel usage in daemon function
  • lxc/config_trust: Delete only works on fingerprints
  • i18n: Update translation templates
  • test: Log PID of process being killed
  • test: Require node removal to succeed in test_clustering_remove_leader
  • lxd/storage/drivers: Checks that mount refCount is zero in all drivers
  • lxd/storage/drivers/driver/cephfs/volumes: Adds mount ref counting
  • lxd/device/disk: Use errors.Is() when checking for storageDrivers.ErrInUse in Update
  • lxd/device/disk: Ignore storageDrivers.ErrInUse error from pool.UnmountCustomVolume in postStop
  • lxd/storage/drivers: Log volName in UnmountVolume
  • lxd/instance/drivers: Add instance type to metrics
  • lxd: add core scheduling support
  • lxd/response/response: Adds manualResponse type
  • lxd/api/cluster: Removes arbitrary 3s wait in clusterPutDisable which was causing test issues
  • test: Wait for daemons to exit in test_clustering_remove_leader
  • lxd/api/cluster: Add logging to clusterPutDisable
  • test: Detect if clustering network needs removing
  • lxd/qemu: Disable large decrementor on ppc64le
  • lxd/daemon: Reworks shutdown sequence
  • lxd/daemon: Reworks Stop
  • lxd/api/cluster: d.shutdownCtx.Err usage
  • lxd/api/internal: d.shutdownCtx.Err usage
  • lxd: daemon.Stop usage
  • lxd/operations: Updates waitForOperations to accept context
  • lxd/main/shutdown: Require valid response from /internal/shutdown in cmdShutdown
  • lxd: db.OpenCluster usage
  • lxd/cluster/membership: Update notifyNodesUpdate to wait until all heartbeats have been sent
  • lxd/db/db: Replace clusterMu and closing with closingCtx in OpenCluster
  • lxd/api/cluster: Improves logging
  • lxd/api/internal: Rework internalShutdown to return valid response as LXD is shutdown
  • lxd/daemon: db.OpenCluster usage in init
  • lxd/daemon: Improved logging and error handling in init
  • lxd/main/daemon: Reworks cmdDaemon to use d.shutdownDoneCh and call d.Stop()
  • test: Increase timeouts on ping tests
  • lxd/daemon: Adds daemon started log
  • lxd/daemon: Whitespace in NodeRefreshTask
  • lxd/api/cluster: Improve logging in handoverMemberRole
  • lxd/api/cluster: Adds cluster logging
  • test: Addition test logging
  • lxd/cluster/membership: Improve logging in Rebalance
  • lxd/daemon: Stop clustering tasks during Stop
  • lxd/api/cluster: Improve logging in clusterNodeDelete
  • test: Try and kill LXD daemon that fails to start
  • lxd/dameon: Removes unnecessary go routines in NodeRefreshTask
  • lxd/db/db: Use db.PingContext in OpenCluster
  • lxd/db/db: Rework logging and error handling in OpenCluster
  • lxc/file: Fix file push help message
  • lxd/storage/drivers: Handle symlinks when walking file tree
  • test/suites/backup: Add cephfs
  • test/suites/backup: Check file content for storage volume backups
  • i18n: Update translation templates
  • lxd/cgroup: Fix GetIOStats on cgroup2
  • lxd/endpoints/network/test: Test tcp4 interface and request via IPv6
  • lxd/endpoints/network/test: Test tcp4 connection with configured 0.0.0.0 network address
  • i18n: Update translations from weblate
  • gomod: Update dependencies

Try it for yourself

This new LXD release is already available for you to try on our demo service.

Downloads

The release tarballs can be found on our download page.

Binary builds are also available for:

  • Linux: snap install lxd
  • MacOS: brew install lxc
  • Windows: choco install lxc

LXD 4.18 has been released

3rd of September 2021

Introduction

The LXD team is very excited to announce the release of LXD 4.18!

This is quite the busy release with quite a few major new features and a variety of other enhancements and fixes.

Enjoy!

New features and highlights

Transition to Go modules

LXD has now finally moved to using Go modules. This change should be entirely invisible to our users but will affect those importing our Go client package or packaging a LXD release.

This should work as expected with our Makefile having been updated to handle the change. The release tarball is doing away with the dist directory and it's now replaced by the standard vendor directory which is natively supported by Go.

Network forwards (floating IPs)

Bridge and OVN managed networks now support network forwards.

This allows allocating some addresses from the network's own subnet or from an external subnet allowed in your project (if the project is restricted) and then have it forward to any address within the network.

Additionally, a network forward can be used to have one address forward to multiple internal addresses based on the protocol and port.

stgraber@dakara:~$ lxc list u1
+------+---------+-----------------------+--------------------------------------------+-----------+-----------+
| NAME |  STATE  |         IPV4          |                    IPV6                    |   TYPE    | SNAPSHOTS |
+------+---------+-----------------------+--------------------------------------------+-----------+-----------+
| u1   | RUNNING | 172.17.250.244 (eth0) | 2602:fc62:b:250:71c2:a0d8:4a72:e17a (eth0) | CONTAINER | 0         |
+------+---------+-----------------------+--------------------------------------------+-----------+-----------+
stgraber@dakara:~$ ping 192.168.1.1
PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
From 170.39.196.149 icmp_seq=1 Destination Net Unreachable
--- 192.168.1.1 ping statistics ---
1 packets transmitted, 0 received, +1 errors, 100% packet loss, time 0ms

stgraber@dakara:~$ lxc network forward create lxdbr0 192.168.1.1 target_address=172.17.250.244
Network forward 192.168.1.1 created
stgraber@dakara:~$ ping 192.168.1.1
PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
64 bytes from 192.168.1.1: icmp_seq=1 ttl=64 time=0.110 ms
64 bytes from 192.168.1.1: icmp_seq=2 ttl=64 time=0.049 ms
--- 192.168.1.1 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1027ms
rtt min/avg/max/mdev = 0.049/0.079/0.110/0.030 ms

stgraber@dakara:~$ nc -v 192.168.1.1 3389
nc: connect to 192.168.1.1 port 3389 (tcp) failed: Connection refused
stgraber@dakara:~$ lxc list win11
+-------+---------+-----------------------+--------------------------------------------+-----------------+-----------+
| NAME  |  STATE  |         IPV4          |                    IPV6                    |      TYPE       | SNAPSHOTS |
+-------+---------+-----------------------+--------------------------------------------+-----------------+-----------+
| win11 | RUNNING | 172.17.250.173 (eth0) | 2602:fc62:b:250:a7ad:46a9:82b6:50db (eth0) | VIRTUAL-MACHINE | 1         |
+-------+---------+-----------------------+--------------------------------------------+-----------------+-----------+
stgraber@dakara:~$ lxc network forward port add lxdbr0 192.168.1.1 tcp 3389 172.17.250.173
stgraber@dakara:~$ nc -v 192.168.1.1 3389
Connection to 192.168.1.1 3389 port [tcp/ms-wbt-server] succeeded!
stgraber@dakara:~$ lxc network forward show lxdbr0 192.168.1.1
description: ""
config:
  target_address: 172.17.250.244
ports:
- description: ""
  protocol: tcp
  listen_port: "3389"
  target_port: ""
  target_address: 172.17.250.173
listen_address: 192.168.1.1
location: none

In this example, an external address (192.168.1.1) is added as a forward address to a local bridge network (lxdbr0), it's configured to point to u1 for all traffic, then reconfigured to have port 3389 sent to the win11 instance instead.

Specification: https://discuss.linuxcontainers.org/t/lxd-floating-ip-addresses/11801
Documentation: https://linuxcontainers.org/lxd/docs/master/network-forwards

Native BGP support

LXD supports many network configurations. Some of those can be used to get public addresses directly to instances.

In such scenarios, you may need to get those individual addresses or subnets routed to the correct LXD server so that the server may then forward the traffic to the instance.

This can be done manually by putting static routing entries in the router but that can get quite annoying and error prone when dealing with many entries.

Enter dynamic routing and BGP. With BGP support, LXD can directly be connected to the relevant upstream routers and will then start announcing all external addresses and subnets it uses.

This is configured through a series of new configuration options.
At the server config level, these are:

  • core.bgp_address
  • core.bgp_asn
  • core.bgp_routerid

Then at the network level (bridge or OVN uplink network):

  • bgp.peers.NAME.address
  • bgp.peers.NAME.asn
  • bgp.peers.NAME.password (optional)
  • bgp.ipv4.nexthop (optional, bridge only)
  • bgp.ipv6.nexthop (optional, bridge only)

And with that, LXD will establish peering sessions and start advertising all external (non-NAT) IPv4 and IPv6 addresses and subnets!

fw-wan01# show bgp summary·
IPv4 Unicast Summary:
BGP router identifier 45.45.148.250, local AS number 399760 vrf-id 0
BGP table version 200
RIB entries 39, using 7488 bytes of memory
Peers 4, using 85 KiB of memory
Peer groups 4, using 256 bytes of memory

Neighbor                             V         AS   MsgRcvd   MsgSent   TblVer  InQ OutQ  Up/Down State/PfxRcd   PfxSnt
45.45.148.251                        4     399760     19844     19843        0    0    0 4d22h57m            1        4
45.45.148.252                        4     399760     19850     19849        0    0    0 5d19h19m            1        4
45.45.148.254                        4      64600     19838     19838        0    0    0 01w6d18h            2        0
2602:fc62:b:1000:5436:5b25:64e4:d81a 4     399760     39020     38840        0    0    0 00:15:09            3        0

Total number of neighbors 4

IPv6 Unicast Summary:
BGP router identifier 45.45.148.250, local AS number 399760 vrf-id 0
BGP table version 197
RIB entries 47, using 9024 bytes of memory
Peers 4, using 85 KiB of memory
Peer groups 4, using 256 bytes of memory

Neighbor                             V         AS   MsgRcvd   MsgSent   TblVer  InQ OutQ  Up/Down State/PfxRcd   PfxSnt
2602:fc62:b:101::251                 4     399760     19844     19843        0    0    0 4d22h56m            1        3
2602:fc62:b:101::252                 4     399760     19850     19849        0    0    0 5d19h19m            1        3
2602:fc62:b:101::254                 4      64600     19838     19839        0    0    0 01w6d18h            1        3
2602:fc62:b:1000:5436:5b25:64e4:d81a 4     399760     39020     38840        0    0    0 00:15:09            3        0

Total number of neighbors 4

This shows the view from one of my BGP routers where 2602:fc62:b:1000:5436:5b25:64e4:d81a is a LXD server. As can be seen, it's announcing 3 IPv4 and 3 IPv6 prefixes over BGP.

Specification: https://discuss.linuxcontainers.org/t/lxd-bgp-address-route-advertisement/11567
Documentation: https://linuxcontainers.org/lxd/docs/master/networks#bgp-integration

NAT address customization with OVN

Support for both ipv4.nat.address and ipv6.nat.address has now been added for ovn type networks.

This works as one would expect with OVN then using the configured address as the source for egress IPv4 and IPv6 traffic when NAT is enabled.

lxd cluster edit for cluster disaster recovery

LXD clusters need a quorum to function with highly available clusters operating with 3 database servers and a quorum of 2. This allows for the loss of one server while keeping our entire API and database operational.

Now if two machines were to be irrevocably damaged and unable to join back, LXD would refuse to start as no quorum could be reached. This case can be handled by our existing lxd cluster recovery-from-quorum-loss by effectively rewriting the database configuration to eliminate the other servers.

However there can be far more complex cases such as clusters with 8 servers, in which case 3 would be database servers, 2 would be stand-by database servers and the other 3 would be simple clients.

Should two database servers disappear at the exact same time, LXD will refuse to function. But in this environment, you don't want it to just remove all other servers, keep one and try to recover from that.

This kind of scenario is where the new lxd cluster edit and lxd cluster show come in handy. They allow viewing and editing the internal cluster configuration on each server. This can then be used to re-shuffle the roles manually or update network addresses. Then once the change has been done on every server in the cluster, LXD can be started back up.

Documentation: https://linuxcontainers.org/lxd/docs/master/clustering#recover-cluster-members-with-changed-addresses

Refresh support for custom volume copies

lxc storage volume copy now supports a --refresh argument similar to lxc copy.

This allows transferring any missing snapshot as well as transferring the current volume state and can be used to keep an up to date backup of a volume on a different pool or different server.

Additional device restrictions for projects

Project restrictions got updated to include a couple of missing device types.

The two new config options are:

  • restricted.devices.pci
  • restricted.devices.proxy

And both default to block as they should be considered unsafe for untrusted users.

Documentation: https://linuxcontainers.org/lxd/docs/master/projects

--minimal option for lxd init

A new option --minimal is now supported by lxd init.

This is effectively the same as lxd init --auto but with a more accurate name and in a command which doesn't allowed for any additional configuration parameters.

The result is a functional LXD server using a dir storage pool called default and a bridge type network called lxdbr0.

Additional network counters in instance state

In preparation for our work on a metrics (prometheus) endpoint, the network counters on the instances have been expanded a bit to include both dropped packets and errors.

stgraber@dakara:~$ lxc query /1.0/instances/u1/state | jq .network.eth0.counters
{
  "bytes_received": 100946,
  "bytes_sent": 3404,
  "errors_received": 0,
  "errors_sent": 0,
  "packets_dropped_inbound": 0,
  "packets_dropped_outbound": 0,
  "packets_received": 467,
  "packets_sent": 32
}

Complete changelog

Here is a complete list of all changes in this release:

Full commit list
  • global: Disable the completion command
  • lxd/instance/lxc: Rework raw.lxc handling
  • lxd/storage/zfs: Fix bad key name
  • lxd/storage/zfs: Fix ListVolumes to use correct pool name
  • lxd/instance: Don't allow state changes when evacuated
  • lxd/daemon: Don't auto-start instances when evacuated
  • lxd/instance: Rework IsMigratable
  • lxd/device: Add CanMigrate
  • lxd/instance: Move IsMigratable logic to devices
  • lxd/instance/common: Fix error message
  • lxd/cluster: Fix volatile race in restore
  • tests: Fix expected clustering evacuation result
  • i18n: Update translations from weblate
  • lxd/cluster/evacuation: Improve comments
  • lxd/cluster/evacuation: Use correct project in migration
  • lxd/cluster/evacuation: Don't start running instances
  • lxd/cluster/evacuation: Improve status messages
  • lxd/cluster/evacuation: Fix shutdown during restore
  • lxd/cluster/evacuation: Start with restoring local instances
  • doc/instances: Clarifies expectation of uniqueness for volatile.uuid
  • lxd/instance/instance/utils: Allow cross-project same instance matching on volatile.uuid in IsSameLocgicalInstance
  • lxd: Fix typo in spelling of IsSameLogicalInstance
  • lxd/device/nic/routed: Specify zero broadcast address
  • test: Add test for routed NIC to ensure broadcast address isn't set by liblxc
  • lxd/network/driver/ovn: Error quoting in Validate
  • lxd/network/driver/ovn: Adds externalSubnetUsage type
  • lxd/network/driver/ovn: Improve comments in Validate
  • lxd/network/driver/ovn: Update ovnNetworkExternalSubnets to return externalSubnetUsage
  • lxd/network/driver/ovn: Updates ovnNICExternalRoutes to return externalSubnetUsage
  • lxd/network/driver/ovn: Adds getExternalSubnetInUse function
  • lxd/network/driver/ovn: n.getExternalSubnetInUse usage in Validate
  • lxd/network/driver/ovn: n.getExternalSubnetInUse usage in InstanceDevicePortValidateExternalRoutes
  • api: Adds network_ovn_nat_address extension
  • lxd/network/driver/ovn: Adds network external NAT address detection to ovnNetworkExternalSubnets
  • lxd/network/driver/ovn: Adds ipv4.nat.address and ipv6.nat.address support to OVN networks
  • lxd/network/driver/ovn: Skip our own network's external NAT address during NIC validation of external routes
  • doc/networks: Adds ipv{n}.nat.address to ovn network
  • lxd/project/permissions: Removes defaultRestrictionsValues and merges into allRestrictions
  • lxd/project/permissions: Add restricted.devices.{pci,proxy} defaulting to block
  • doc/projects: Adds restricted.devices.{pci,proxy} docs
  • lxd/api/project: Add restricted.devices.{pci,proxy} validation
  • scripts/bash/lxd-client: Adds restricted.devices.{pci,proxy} to bash completion
  • lad/project/permissions: Implement restricted.devices.{pci,proxy} restrictions
  • lxd/device/device/utils/proxy: Improve error messages from ProxyParseAddr
  • lxd/device/proxy: Use validation helpers for clarity
  • lxd/device/proxy: Consistent error endings
  • lxd/device/proxy: Don't allow NAT mode when used inside projects with networks feature
  • lxd: Switch to new fsnotify
  • lxd/device/gpu_mdev: Switch to common UUID package
  • lxd/network/errors: ErrUnknownDriver comment ending
  • lxd/network/errors: Adds ErrNotImplemented error
  • lxd/device/device/utils/network: Removes networkParsePortRange
  • lxd/network/network/utils: Adds ParsePortRange function
  • lxd/device/device/utils/proxy: network.ParsePortRange usage
  • global: Use shorter uuid generation syntax
  • lxd/init: Introduce --minimal
  • lxc: join tokens are removed by member name, not token
  • i18n: Update translation template
  • lxd/init: Allow preseeding cluster_token
  • lxd/main: Replace cluster node with cluster member
  • shared/validate: Fix IPv6 wildcard handling in IsListenAddress
  • lxd/device/gpu_mdev: Fix mdevUUID logic
  • lxd/response: Rework SmartError to handle wrapped errors from stdlib errors and github.com/pkg/errors
  • lxd/storage/pools: Use SmartError in storagePoolsPost
  • lxd/storage/pools/utils: Wrap errors in storagePoolDBCreate
  • lxd/db/transaction: Adds QueryScan helper function
  • lxd/db/network/acls: Convert to use tx.QueryScan and tx.tx.QueryRow
  • test: Update tests with new error text
  • lxd/storage/backend/lxd: Allow removal of quota from VM filesystem volume if main quota is removed
  • lxd/storage/drivers/driver/btrfs/volumes: Add log for VM block file quota accounting in SetVolumeQuota
  • lxd/storage/drivers/driver/dir/volumes: Add log for VM block file quota accounting in SetVolumeQuota
  • lxd/storage/drivers/driver/btrfs/volumes: Consistently apply referenced limit only and remove exclusive limits in SetVolumeQuota
  • lxd/network/bridge: Comments
  • shared/validate: Add IsInRange
  • lxd/endpoints: Correct bad comment
  • lxd/endpoints: Rename serveHTTP to serve
  • doc/rest-api: Refresh swagger YAML
  • lxd/network/network/utils: Check end port is higher than start port in ParsePortRange
  • lxd/network/network/utils: Adds SubnetContainsIP function
  • lxc/network/acl: Fix typos in RunRemove
  • lxd/cluster/recover: add Recover
  • lxd/cluster/recover: add updateLocalAddress
  • shared/api/error: Adds StatusError type
  • lxd/response/smart: Updates SmartError to detect and use api.StatusError type errors
  • lxd/network/driver/ovn: Update validateExternalSubnet to use api.StatusErrorf()
  • client/lxd: Updates lxdParseResponse to "interface smuggle" an api.StatusError type when getting an error response from API
  • lxd/storage/backend/lxd: Restore pool directory structure on mount if needed
  • test: Update container recovery tests to check for pool directory structure rebuild
  • lxd/db/db: add DqliteLatestSegment
  • lxd/main/cluster: add ClusterConfig and ToRaftNode
  • lxd/cluster: Drop translated string
  • lxd/main/cluster: add 'lxd cluster edit' command
  • lxd/main/cluster: add validateNewConfig
  • test/suites/clustering: add test_clustering_edit_configuration
  • lxd/main/cluster: add 'lxd cluster show' command
  • lxd/rbac: Drop old API
  • lxd/api_1.0: Improve structure
  • lxd/daemon: Improve structure
  • lxd/network/physical: Align with bridged
  • gomod: Initial port
  • tests: Silence grep notices
  • doc/index: Clarify CRIU example
  • doc/index: Update for gomod
  • Makefile: Tweak PHONY targets
  • Makefile: Tweak static-analysis
  • Makefile: Switch to gomod
  • tests: Update for gomod
  • github: Update for gomod
  • gomod: Update dependencies
  • lxd/db/network/acls: Removes unnecessary function
  • lxd/db/network/acls: Removes networkACLConfig from Cluster type for consistency with networkACLConfigAdd
  • lxd/network/driver/common: Updates validate to use shared.IsUserConfig
  • Makefile: Cleanup if statements
  • Makefile: Add support for LXD_OFFLINE
  • client/util: Adds urlsToResourceNames function
  • client: Switch *Names functions to use urlsToResourceNames
  • doc/instances: Capitalize NIC
  • lxd/device/nic_bridged: Load network during validation
  • gomod: Update for gobgp
  • api: network_bgp
  • doc: Add new configuration keys for BGP
  • lxd/device/nic_bridged: Support ipv4.routes.external and ipv6.routes.external
  • scripts: Add BGP config keys
  • lxd/node: Add core.bgp_address and core.bgp_routerid
  • lxd/cluster: Add core.bgp_asn
  • lxd/bgp: Add BGP server
  • lxd/daemon: Integrate BGP server
  • lxd/network: Add BGP config keys
  • lxd/network: Add BGP helpers
  • lxd/network/physical: Add BGP support
  • lxd/network/bridge: Add BGP support
  • lxd/network/ovn: Add BGP support
  • lxd/device: Shared BGP functions
  • lxd/device/nic_bridged: Add BGP support
  • lxd/device/nic_ovn: Add BGP support
  • doc/networks: Add section on BGP
  • lxd/firewall/drivers/driver/consts: Adds AddressForward type
  • lxd/firewall/firewall/interface: Updates InstanceSetupProxyNAT to accept AddressForward
  • lxd/firewall/drivers/driver/xtables: Updates to support AddressForward
  • lxd/firewall/drivers/drivers/nftables: Updates to support AddressForward
  • lxd/firewall/drivers/drivers/nftables: Separate DNAT rules from SNAT rules in InstanceSetupProxyNAT
  • lxd/device/config/device/proxyaddress: Separate address and ports in ProxyAddress
  • lxd/device/device/utils/proxy: Updates ProxyParseAddr to support new ProxyAddress format
  • lxd/device/proxy: Updated to support firewallDrivers.AddressForward and ProxyAddress changes
  • lxd/main/forkproxy: Updates to support changed ProxyAddress
  • lxd/main/forkproxy/test: Updates tests to refect new ProxyAddress structure
  • Makefile: Use go env GOPATH command to get GOPATH rather than env var GOPATH
  • Makefile: Build lxd-generate directly to $(GOPATH)/bin/lxd-generate
  • lxd/db/generate/lex/parse: Remove github.com/pkg/errors dependency
  • lxd/db/generate/lex/parse: Updates Parse to take an absolute path to package directory
  • lxd/db/generate/lxd/parse/test: Updates TestParse
  • lxd/db/generate/db/parse: Updates Packages and defaultPackages to work relative to the LXD source tree
  • lxd: implement volume import/export for CephFS
  • lxd/main: Add setfattr to dependencies
  • lxc/info: Use local timezone
  • test/suites/clustering: use 'lxd cluster show' for tests
  • lxd/cluster/membership: make waitLeadership public
  • shared/api/error: Removes pointer receivers from StatusError functions
  • shared/api/error: Adds StatusErrorMatch helper function
  • lxd/response/smart: api.StatusErrorMatch usage in SmartError
  • Makefile: Set GO111MODULE=on for update-api
  • client/util: Update urlsToResourceNames to reduce allocations
  • lxd/network/network/utils: Adds ParseIPToNet and ParseIPCIDRToNet functions
  • api: Adds network_forward extension
  • shared/api/network/forward: Adds shared structs for network address forwards
  • lxd/lifecycle/network/forward: Adds network forwards lifecycle helper
  • lxd/db/cluster/update: Adds updateFromV49 to create networks_forwards and networks_forwards_config table
  • lxd/db/network/forwards: Adds network forward management functions
  • lxd/db/network/forwards: Adds GetProjectNetworkForwardListenAddressesByUplink function
  • lxd/network/network/interface: Adds network forward management definitions
  • lxd/network/driver/common: Adds AddressForwards to Info
  • lxd/network/driver/common: Adds common network forward functions
  • lxd/network/openvswitch/ovn: Adds LoadBalancerApply function
  • lxd/network/openvswitch/ovn: Adds LoadBalancerDelete function
  • lxd/network/driver/ovn: Updates getExternalSubnetInUse to detect network forward listen addresses
  • lxd/network/driver/ovn: Adds network forward support
  • lxd/network/driver/ovn: Delete network forwards when network is deleted
  • lxd/network/driver/ovn: Check that any existing forward target addresses are within the network's subnet(s) in Validate
  • lxd/network/driver/ovn: Update Info to get common defaults and override as needed
  • lxd/network/forwards: Adds network forwards APIs
  • client/lxd/network/forward: Adds network forwards functions
  • lxc/network/forward: Adds network forward CLI commands
  • i18n: Update translation template
  • doc/rest-api: Refresh swagger YAML
  • doc: Adds network forward docs
  • lxd/api/cluster: handover leadership when removing leader
  • test/suites/clustering: add test_clustering_remove_leader
  • lxd/util/sys: add ReplaceDaemon
  • lxd/api/cluster: replace daemon when disabling clustering
  • api: custom_volume_refresh
  • shared/api: Add Refresh to StorageVolumeSource
  • doc/rest-api: Refresh swagger YAML
  • client: Add Refresh flag to StoragePoolVolumeCopyArgs
  • lxd/storage: Improve errors
  • lxd/storage/utils: Add SyncSnapshotsVolumeGet
  • lxd/storage: Fix Refresh with CreateCustomVolumeFromMigration
  • lxd/storage: Add RefreshCustomVolume method for lxdBackend
  • lxd/migrate: Add refresh for custom volumes
  • lxd/storage: Add Refresh support for custom volumes
  • lxc/storage/volume: Add refresh flag to copy
  • i18n: Update translation templates
  • tests: Add test cases for copy operation refresh flag
  • doc/index: Update min packages required to operate LXD
  • doc/index: Add recommendation about min memory size needed
  • doc: Don't assume that Go's bin path is ~/go/bin
  • doc/requirements: Adds minimum memory requirements to build
  • lxd/network/network/utils: Adds nicUsesNetwork function
  • lxd/network/driver/ovn: Parse mulitple CIDR routes in ovnNICExternalRoutes
  • lxd/network/driver/common: Moves externalSubnetUsage to common
  • lxd/network/driver/ovn: Removes externalSubnetUsage
  • lxd/network/driver/ovn: externalSubnetUsage updated usage
  • lxd/network/driver/ovn: Updates ovnNetworkExternalSubnets to use nicUsesNetwork function
  • lxd/db/network/forwards: Corrects description of GetProjectNetworkForwardListenAddressesByUplink
  • lxd/db/network/forwards: Consistent formatting in GetProjectNetworkForwardListenAddressesByUplink
  • lxd/util/net: add IsWildcardAddress
  • lxd/api/cluster: block core.https_address wildcard in cluster bootstrap
  • doc/clustering: add 'lxd cluster edit' documentation
  • lxd/endpoints/network: don't give up if no network listeners exist
  • lxd/endpoints/cluster: check for unset networkAddress before returning
  • lxd/endpoints/endpoints: fallback from network to cluster address
  • lxd/node/config: assign default port to listener addresses if none given
  • test/suites/clustering: expand tests to check listener addresses
  • lxc/main/aliases: Fix panic when empty argument passed to lxc command
  • test: Improve container devices proxy xtables tests
  • test: Fix tabbing in container devices proxy test
  • shared/api: Add Errors{Received,Sent} to network counters
  • shared/netutils: Fill Errors counters
  • doc: Update Rest API
  • test: Improve error checks for proxy device
  • lxd/db/network/forwards: Improve comments
  • lxd/db/network/forwards: Adds memberSpecific arg to GetNetworkForwardListenAddresses
  • lxd/db/network/forwards: Adds memberSpecific arg to GetNetworkForwards
  • lxd/network/forwards: cluster.GetNetworkForwards usage
  • lxd/network/forwards: cluster.GetNetworkForwardListenAddresses
  • lxd/network/driver/ovn: n.state.Cluster.GetNetworkForwards usage
  • lxd/network/driver/ovn: n.state.Cluster.GetNetworkForwardListenAddresses usage
  • lxd/firewall/drivers/drivers/nftables: Rework InstanceSetupProxyNAT to accomodate network forward support
  • lxd/firewall/drivers/drivers/xtables: Fix proxy NAT listen port in InstanceSetupProxyNAT
  • api: Add network_counters_errors extension
  • lxd/network/network/utils: Adds BridgeNetfilterEnabled function
  • lxd/device/proxy: network.BridgeNetfilterEnabled usage
  • lxd/device/nic/bridged: network.BridgeNetfilterEnabled usage
  • lxd/device/proxy: Improve connect IP error messages
  • shared/api: Add PacketsDropped{Inbound,Outbound} to network counter
  • shared/netutils: Fill Dropped counters
  • doc: Update Rest API
  • api: Extend network_counters_errors API extension
  • lxd/device/proxy: Improve post-start error messages to include device name
  • lxd/device/proxy: Use structured logging for br_netfilter warning in setupNAT
  • Remove mkdocs.yml
  • .github/workflows: Update go versions
  • lxd/network/network/utils: Exports NICUsesNetwork
  • lxd/network/driver/ovn: NICUsesNetwork usage
  • lxd/device/nic/bridged: network.NICUsesNetwork usage in validate
  • lxd/firewall/firewall/interface: Add NetworkApplyForwards definition
  • lxd/firewall/drivers/drivers/nftables: Adds NetworkApplyForwards implementation
  • lxd/firewall/drivers/drivers/nftables: Updates NetworkClear to remove address forward chains
  • lxd/firewall/drivers/drivers/xtables: Updates iptablesClear to support removing rules by matching multiple comments
  • lxd/firewall/drivers/drivers/xtables: Adds networkForwardIPTablesComment and updates NetworkClear to remove rules with that comment
  • lxd/firewall/drivers/drivers/xtables: Adds iptablesCommentPrefix
  • lxd/firewall/drivers/drivers/xtables: Adds NetworkApplyForwards implementation
  • lxd/db/network/forwards: Adds GetProjectNetworkForwardListenAddressesOnMember function
  • lxd/network/driver/bridge: Adds network forward support
  • lxd/device/nic/bridged: Consistent comment ending
  • lxd/device/nic/bridged: Enable hairpin mode on NIC ports when network has forwards
  • doc: Add bridge network forwards docs
  • test: Adds network forward tests for bridge nftables and xtables
  • lxc/copy: Don't allow --refresh and --no-profiles
  • i18n: Update translation templates
  • lxc/cluster: Comment improvement
  • lxd/api/cluster: Adds mutex to clusterNodesPost to prevent concurrent requests creating duplicates
  • gomod: Update dependencies
  • i18n: Update translations from weblate

Try it for yourself

This new LXD release is already available for you to try on our demo service.

Downloads

The release tarballs can be found on our download page.

Binary builds are also available for:

  • Linux: snap install lxd
  • MacOS: brew install lxc
  • Windows: choco install lxc

LXD 4.17 has been released

6th of August 2021

Introduction

The LXD team is very excited to announce the release of LXD 4.17!

This release comes with a couple of major features, our reworked disaster recovery mechanism and the ability to perform cluster member evacuations. On top of that, lxc info got a bit of a rework, and there were a number of other smaller improvements around events and the resources API.

LXD 4.17 is the first release coming with major features that went through our new specification process. The relevant specifications are linked below and the entire list of specifications can be found here: https://discuss.linuxcontainers.org/c/specifications/18

Enjoy!

New features and highlights

lxd import replaced by new lxd recover

For a long time, LXD's disaster recovery story was based on our lxd import command. This would go look for a specified instance at the expected path on the filesystem, read the backup.yaml file that's part of instance storage and based on that information would recreate the instance's database entry.

While this definitely worked and was successfully used by quite a few people who for one reason or another lost their LXD database, it was limited to instances only and was requiring quite a bit of manual intervention to get the instance filesystem in place so it could be read and imported by LXD.

This has now all been replaced by a new lxd recover command. This is an interactive command somewhat similar to lxd init. It allows importing both instances and custom storage volumes and supports both pre-existing storage pools and missing storage pools.

The lxd recover experience starts with a summary of the existing storage pools, then any missing storage pool can be added. This is then followed by a scan of all storage pools for missing instances or custom storage volumes. As part of the scan, any missing dependencies (profiles, projects, networks, ...) are also reported. Once the user has had a chance to add any of those missing dependencies, they can proceed with the import.

Associated specification for this feature: https://discuss.linuxcontainers.org/t/lxd-new-disaster-recovery-tool/11296

Cluster member evacuation

Production cluster members all require maintenance at one time or another.
Whether it's for routine system updates or for hardware maintenance, there are times where the administrator will need all instances on the system to be stopped or moved away.

That's what the new cluster evacuation API and CLI makes very easy to do.
The administrator can now just run lxc cluster evacuate lxd01 and all instances on lxd01 will either be migrated to another cluster member or will be stopped.

The default behavior is to attempt a migration so long as the instance isn't using local resources that makes it impossible to migrate. If an instance can't be migrated, then it will instead be stopped. This behavior can be controlled through the cluster.evacuate configuration option.

Once the system is fully back online, running lxc cluster restore lxd01 will move back any instance that was moved away and then bring all instances back up.

Associated specification for this feature: https://discuss.linuxcontainers.org/t/lxd-cluster-member-evacuation/11330

Reworked lxc info output

The output of lxc info has been reworked quite a bit. The most visible change is likely going to be the tables to show the list of snapshots and backups.
On top of that, the network information and statistics have been cleaned up and expanded and it's now using IEC units for memory and disk information.

The result looks something like this:

Name: a1
Status: RUNNING
Type: container
Architecture: x86_64
PID: 3479583
Created: 2021/08/04 22:33 UTC
Last Used: 2021/08/04 22:33 UTC

Resources:
  Processes: 5
  Disk usage:
    root: 532.00KiB
  CPU usage:
    CPU usage (in seconds): 4
  Memory usage:
    Memory (current): 2.28MiB
    Memory (peak): 3.99MiB
  Network usage:
    eth0:
      Type: broadcast
      State: UP
      Host interface: vethf604ab4a
      MAC address: 00:16:3e:e2:d8:96
      MTU: 1500
      Bytes received: 107.93kB
      Bytes sent: 28.14kB
      Packets received: 930
      Packets sent: 206
      IP addresses:
        inet:  10.166.11.136/24 (global)
        inet6: fd42:4c81:5770:1eaf:216:3eff:fee2:d896/64 (global)
        inet6: fe80::216:3eff:fee2:d896/64 (link)
    lo:
      Type: loopback
      State: UP
      MTU: 65536
      Bytes received: 0B
      Bytes sent: 0B
      Packets received: 0
      Packets sent: 0
      IP addresses:
        inet:  127.0.0.1/8 (local)
        inet6: ::1/128 (local)

Snapshots:
+-------+----------------------+----------------------+----------+
| NAME  |       TAKEN AT       |      EXPIRES AT      | STATEFUL |
+-------+----------------------+----------------------+----------+
| snap0 | 2021/08/04 22:33 UTC | 2030/01/01 00:00 UTC | NO       |
+-------+----------------------+----------------------+----------+
| snap1 | 2021/08/04 22:33 UTC |                      | NO       |
+-------+----------------------+----------------------+----------+

Backups:
+---------+----------------------+----------------------+---------------+-------------------+
|  NAME   |       TAKEN AT       |      EXPIRES AT      | INSTANCE ONLY | OPTIMIZED STORAGE |
+---------+----------------------+----------------------+---------------+-------------------+
| backup0 | 2021/08/04 22:33 UTC |                      | NO            | NO                |
+---------+----------------------+----------------------+---------------+-------------------+
| backup1 | 2021/08/04 22:39 UTC |                      | NO            | YES               |
+---------+----------------------+----------------------+---------------+-------------------+
| backup2 | 2021/08/04 22:40 UTC |                      | YES           | NO                |
+---------+----------------------+----------------------+---------------+-------------------+
| backup3 | 2021/08/04 22:40 UTC | 2031/03/23 21:38 UTC | NO            | NO                |
+---------+----------------------+----------------------+---------------+-------------------+

Requestor address in lifecycle event

In addition to the protocol and username which was already recorded as part of lifecycle events, the requestor's IP address is also now recorded.

location: abydos
metadata:
  action: instance-restarted
  requestor:
    address: '[2602:fc62:b:1000:ea29:c5e9:8544:e32d]:36276'
    protocol: candid
    username: stgraber@stgraber.net
  source: /1.0/instances/nsd01?project=core
timestamp: "2021-08-06T04:53:17.571633526Z"
type: lifecycle

USB GPU support in the resources API

The LXD resources API (lxc info --resources) will now properly report USB GPUs like those based on DisplayLink chips.

gpu:
  cards:
  - driver: evdi
    driver_version: 5.11.0-7620-generic
    drm:
      id: 0
      card_name: card0
      card_device: "226:0"
      control_name: controlD64
      control_device: "226:0"
    numa_node: 0
    usb_address: "2:6"

Monitoring of all projects in lxc monitor

A new --all-projects option was added to lxc monitor which as the name implies will allow watching events for all projects rather than just the current one.

Alternative format options in lxc monitor

Again in lxc monitor, a --format option was added which allows for three different kind of output:

  • pretty (same as with --pretty)
  • yaml (same as default behavior)
  • json

Complete changelog

Here is a complete list of all changes in this release:

Full commit list
  • shared/api: Add Address field to EventLifecycleRequestor
  • lxd/api/1.0: Wait until LXD fully started before applying API changes in doApi10UpdateTriggers
  • lxc/cluster: Fix bad format string
  • i18n: Update translation template
  • lxd/daemon: No need to call vmMonitor anymore as its served by devicesRegister
  • lxd/devices: Add logging to devicesRegister
  • lxd/instances: Remove unused vmMonitor
  • shared/instance: Adds volatile.last_state.vsock_id to validation
  • lxd/instance/drivers/driver/qemu: Adds volatile.last_state.vsock_id volatile key
  • doc/instances: Documents volatile.last_state.vsock_id key
  • client: Make staticcheck happy
  • lxd-p2c: Make staticcheck happy
  • lxc-to-lxd: Make staticcheck happy
  • lxd-agent: Make staticcheck happy
  • lxc/list: Use EqualFold for case-insensitive compare
  • lxc: Make staticcheck happy
  • lxd/instance/instance/utils: Adds cleanLogDir bool argument to CreateInternal
  • lxd/request: Support for Address field
  • api: event_lifecycle_requestor_address
  • lxd: instance.CreateInternal usage
  • doc: Renames volatile.last_state.vsock_id to volatile.vsock_id
  • lxd/instance/drivers/driver/qemu: Renames volatile.last_state.vsock_id to volatile.vsock_id
  • shared/instance: Renames volatile.last_state.vsock_id to volatile.vsock_id
  • lxd/db/generate/file/write: add alternate build comment to generated files
  • Makefile: add go formatting for update-schema
  • lxd/db/generate/db/stmt: replace naturalKeyWhere with whereClause
  • lxd/db/generate/db/parse: use kind parameter for Filter generation
  • lxd/db/generate/db/method: pass query kind to Filter
  • lxd/db/generate/db/stmt: use delete-by statements with Filter instead of only by id
  • lxd/db/generate/db/method: use and handle Filter as paramter for Delete method
  • lxd/db/generate/db/method: make Delete into DeleteOne and DeleteMany
  • lxd/db/certificates: add new entries for code generation
  • lxd/db/certificates: add delete-by fields to CertificateFilter
  • lxd/db/certificates: remove old DeleteCertificateByNameAndType
  • lxd/db/certificates.mapper: add new generated code
  • lxd/db/certificates: use Filter as parameter for delete
  • lxd/cluster/membership: use Filter as parameter for delete
  • lxd/db/profiles: add new entries for code generation
  • lxd/db/profiles.mapper: add new generated code
  • lxd/api/project: use Filter as parameter for delete
  • lxd/instance/test: use Filter as parameter for delete
  • lxd/patches: use Filter as parameter for delete
  • lxd/profiles: use Filter as parameter for delete
  • lxd/db/snapshots: add new entries for code generation
  • lxd/db/snapshots.mapper: add new generated code
  • lxd/db/instances: add new entries for code generation
  • lxd/db/instances.mapper: add new generated code
  • lxd/db/instances: use Filter as parameter for delete
  • lxd/db/projects: add new entries for code generation
  • lxd/db/projects.mapper: add new generated code
  • lxd/api/project: use Filter as parameter for delete
  • lxd/node: Improve error handling
  • shared/validate: Add IsListenAddress
  • lxd/lxd: Validate https address for config key core.https_address
  • lxd/storage/ceph: Improve version parsing
  • lxd/device: Fix duplicate MAC test
  • lxd/db/operations: add OperationFilter and operation database fields
  • lxd/db/operations: add new entries for code generation
  • lxd/db/generate/db/mapping: add OperationType as valid type for mapping
  • lxd/db/generate/db/parse: support pointers
  • lxd/db/generate/db/stmt: add create-or-replace statement functionality
  • lxd/db/generate/db/method: add CreateOrReplace method functionality
  • lxd/db/operations: remove hard-coded functions
  • lxd/db/generate/db/parse: handle 'omit' tag
  • lxd/db/generate/db/method: pass mapping kind to Parse for 'omit' tag
  • lxd/db/generate/db/stmt: pass mapping kind to Parse for 'omit' tag
  • lxd/db/generate/db/parse/test: pass mapping kind to Parse for 'omit' tag
  • lxd/db/operations.mapper: add new generated code for operations
  • lxd/db/transaction: add GetNodeID
  • lxd/cluster/membership: use filter parameter for generated operation methods
  • lxd/db/db: use filter parameter for generated operation methods
  • lxd/db/entity: use filter parameter for generated operation methods
  • lxd/db/operations/test: use filter parameter for generated operation methods
  • lxd/operations: use filter parameter for generated operation methods
  • lxd/operations/linux: use filter parameter for generated operation methods
  • Revert "lxd/device: Fix duplicate MAC test"
  • lxd/device/nic/bridged: util.SplitNTrimSpace usage
  • lxd/device/nic/bridged: Improve vlan tagged error message
  • lxd/device/nic/bridge: Validate that vlan and vlan.tagged dont use VLAN 0 when using a managed native linux bridge
  • lxd/node: Relax constraint on cluster address
  • lxd/device/nic/bridged: Exclude NICs that are different type from MAC/IP duplicate checks
  • lxd/device/nic/bridge: Extend parent network exclusions for duplicate MAC/IP checks
  • test: Updates bridged duplicate MAC/IP tests
  • lxd/instance/drivers/qmp/commands: Fixes potential crash in QueryPCI
  • lxd/instance/lxc: Fix swappiness calculation
  • lxd/cluster/info: Increase loadInfo log level for starting local DB
  • lxd/daemon: Modify LXD is starting message to use contextual logging
  • lxd/daemon: Move to contextual logging in init
  • lxd/daemon: Use logger/Debug/Info/logger.Warn rather than logger.Debugf/Infof/Warnf
  • lxd/daemon: Increase some cluster startup/upgrade messages to Warn from Info in init
  • lxd/daemon: Upper case first letter in error in init
  • lxd/storage: Better logging and errors in setupStorageDriver
  • lxd/storage/utils: Removes VolumeDBTypeToTypeName as unused
  • lxd/storage/drivers/volume: Config comment improvement
  • lxd/storage/drivers/volume: Rename customMountPath to mountCustomPath
  • lxd/storage/drivers: vol.mountCustomPath usage
  • lxd/storage/drivers/volume: Adds mountFilesystemProbe and SetMountFilesystemProbe function
  • lxd/storage/drivers/utils: fsUUID simplification
  • lxd/storage/drivers/utils: Adds fsProbe function
  • lxd/storage/drivers/driver/lvm/volumes: Adds vol.mountFilesystemProbe support to MountVolume
  • lxd/storage/drivers/driver/ceph/volumes: Adds vol.mountFilesystemProbe support to MountVolume
  • lxd/instance/drivers/driver/lxc: Adds volumeConfig arg to lxcCreate
  • lxd/instance/drivers/driver/qemu: Adds volumeConfig arg to qemuCreate
  • lxd/instance/instance/utils: Updates Create signature for new create function
  • lxd/instance/drivers/load: Adds volumeConfig arg to create
  • lxd/instance/instance/utils: Adds volumeConfig arg to CreateInternal
  • lxd: instance.CreateInternal usage
  • lxd: instance.CreateInternal usage in tests
  • shared/api: Support for Requestor field in lifecycle event log
  • lxd/instance/drivers: Check instance is stopped, and not in an error state when stopping
  • shared/idmap: Use O_CLOEXEC
  • lxd/storage: Use O_CLOEXEC
  • client/connection: Log simplestreams URL in ConnectSimpleStreams
  • client/connection: Error quoting in ConnectSimpleStreams
  • lxc/config/config: Use DefaultConfig when defaults==true in NewConfig
  • lxc/config/file: Set DefaultRemote in LoadConfig if not specified by config file
  • lxc/config/file: Reference DefaultConfig.DefaultRemote in SaveConfig
  • lxc/monitor: Add --all-projects
  • lxc/monitor: Add --format
  • i18n: Update translation templates
  • test/godeps: Updates with github.com/lxc/lxd/shared/log15
  • i18n: Update translations from weblate
  • lxd/instance/drivers/driver/qemu: Update start time volatile keys before backup file is written
  • lxd/instance: Pass instanceType to ValidConfig
  • lxd/instance: Pass instanceType to validConfigKey
  • shared/instance: Split the config keys in container/VM/Any
  • doc/instances: Mark security.devlxd as available for VMs
  • shared/instance: Re-format
  • shared/instance: Switch to the new maps
  • shared/instance: Pass instanceType to ConfigKeyChecker
  • lxc/list_test: Fix comments
  • lxc/list: Update for ConfigKeyChecker change
  • lxd/instance: Update for ConfigKeyChecker change
  • lxd/storage/drivers/driver/lvm/utils: Typo in comment on lvmBlockVolSuffix
  • lxd/storage/drivers/driver/zfs/utils: Adds zfsBlockVolSuffix const and uses it in dataset function
  • lxd/storage/drivers/driver/zfs/patches: Uses zfsBlockVolSuffix in patchStorageZFSMount function
  • lxd/storage/drivers/driver/ceph/utils: Add cephBlockVolSuffix constant
  • lxd/storage/drivers/driver/ceph/utils: Moves volume type to rbd volume prefix conversion out of getRBDVolumeName and into cephVolTypePrefixes
  • lxd/storage/drivers/driver/lvm/utils: Simplify lvmFullVolumeName
  • shared/api: Fix crash on missing event requestor
  • shared/cmd/ask: Add error handling to CLI question askers to avoid infinite loops with EOF
  • lxd/main/init/interactive: Update usage of CLI asker functions to handle errors
  • lxc/remote: Update usage of CLI askers to handle errors
  • lxc: Hide built-in completion command
  • shared/api: Add support for USB GPU
  • lxd/resources: Add support for USB GPU
  • api: resources_gpu_usb
  • lxd/resources: Reword errors
  • shared/validate: Change IsOneOf to return validator
  • lxd: Switch to new IsOneOf
  • shared: Switch to new IsOneOf
  • doc/cloud-init: Update for current images
  • lxd/db/storage/pools: CreateStoragePool comment improvement
  • lxd/storage/drivers/utils: Consistent error quoting and messaging in wipeDirectory
  • lxd/storage/drivers/driver/btrfs: Consistent error quoting and messaging in Delete
  • lxd/storage/drivers/driver/zfs: Add validation to Mount
  • lxd/storage/backend/lxd: Expand comment in EnsureImage about partial image volume handling
  • lxd/storage/backend/lxd: Don't try to load root disk config in MountInstance/UnmountInstance if instance not in DB
  • lxd/storage/backend/lxd: Remove support for lxd import from CheckInstanceBackupFileSnapshots
  • lxd/storage/backend/lxd: Clarify comment in CheckInstanceBackupFileSnapshots
  • lxd/storage/utils: Adds VolumeTypeToAPIInstanceType function
  • lxd/storage/load: Adds NewTemporary function
  • lxd/storage/drivers/interface: Adds ListVolumes definition
  • lxd/storage/drivers/generic/vfs: Adds genericVFSListVolumes function
  • lxd/storage/drivers/generic/vfs: Adds and uses constant genericVolumeBlockExtension
  • lxd/storage/drivers/driver/mock/volumes: Adds ListVolumes function
  • lxd/storage/drivers/driver/btrfs/volumes: Adds ListVolumes function
  • lxd/storage/drivers/driver/dir/volumes: Adds ListVolumes function
  • lxd/storage/drivers/driver/lvm/volumes: Adds ListVolumes function
  • lxd/storage/drivers/driver/zfs/volumes: Adds ListVolumes function
  • lxd/storage/drivers/driver/ceph/volumes: Adds ListVolumes function
  • lxd/storage/drivers/driver/cephfs/volumes: ListVolumes function
  • lxd/storage/pool/interface: Add ListUnknownVolumes definition
  • lxd/storage/pool/interface: Adds ImportInstance definition
  • lxd/storage/backend/mock: ListUnknownVolumes function placeholder
  • lxd/storage/backend/mock: Adds ImportInstance placeholder function
  • lxd/storage/backend/lxd: Adds ListUnknownVolumes function
  • lxd/storage/backend/lxd: Adds ImportInstance implementation function
  • lxd/storage/backend/lxd: Delete any left over image volumes in Delete
  • lxd/storage/drivers/volume: EnsurePath to create parent snapshot volume directory if needed
  • lxd/storage/drivers/utils: Consistent quoting of errors in createParentSnapshotDirIfMissing
  • lxd/db/profiles: Adds GetProjectProfileNames function
  • lxd/api/internal: Adds internalRecoverValidateCmd and internalRecoverImportCmd endpoint
  • lxd/main: Adds recover CLI command
  • test: Adds container recover tests
  • doc/backup: Newline tweaks for clarity
  • doc/backup: Updates disaster recover documentation describing the use of the lxd recover command
  • lxd/api/internal: Remove lxd import endpoint and internalImportFromRecovery function
  • lxd/api/internal: Remove recovery mode from internalImport
  • lxd/instances/post: internalImport usage in createFromBackup
  • lxd/instance/drivers/driver/lxc: Remove usage of storagePools.InstanceImportingFilePath
  • lxd/api/internal: Update internalImport to use instance name consistency and dont mangle the parsed backup yaml snapshot names
  • lxd/main/import: Modify lxd import to error with instructions to use lxd recover command
  • test: Remove lxd import tests
  • lxd/storage/storage: Delete GetContainerMountPoint as doesn't support VMs
  • lxd/patches/utils: Adds containerMountPoint as deprecated legacy function
  • lxd/patches: Switches to containerMountPoint
  • lxd/instance/post: Switch to storagePools.LoadByInstance() in instancePostClusteringMigrateWithCeph
  • lxd/instance/post: Renames internalClusterContainerMovedPost to internalClusterInstanceMovedPost
  • lxd/instance/post: Error consistency in instancePostClusteringMigrateWithCeph
  • lxd/instance/post: Renames instancePostCreateContainerMountPoint to instancePostCreateInstanceMountPoint
  • lxd/instance/post: Switch to instancePostCreateInstanceMountPoint
  • lxd/profiles/utils: Don't expose node concept in end user errors in doProfileUpdate and doProfileUpdateCluster
  • lxd/api/internal: Rename internalImport to internalImportFromBackup
  • lxd/instances/post: internalImportFromBackup usage in createFromBackup
  • lxd: Renames /internal/cluster/container-moved to /internal/cluster/instance-moved
  • i18n: Update translation template
  • lxd/db/generate/db/mapping: check Filter field in FilterFieldByName
  • lxd/db/generate/db/parse: fill Filter field for Mapping
  • lxd/db/generate/db/parse/test: use empty Filter for tests
  • lxd/db/projects: move api.Project to db.Project
  • lxd/api: use db.Project instead of api.Project
  • lxd/db: use db.Project instead of api.Project
  • lxd/device: use db.Project instead of api.Project
  • lxd/images: use db.Project instead of api.Project
  • lxd/device: use db.Project instead of api.Project
  • lxd/patches: use db.Project instead of api.Project
  • lxd/project: use db.Project instead of api.Project
  • lxd/storage: use db.Project instead of api.Project
  • lxd/db/certificates: add CertificateType for type of certificate
  • lxd/certificates: use CertificateType instead of int
  • lxd/cluster: use CertificateType instead of int
  • lxd/daemon: use CertificateType instead of int
  • lxd/db/migration/test: use CertificateType instead of int
  • lxd/db/generate/db/mapping: support CertificateType
  • lxd/db/generate/db/method: add generator comment to generated methods
  • lxd/db/mapper: generated code
  • i18n: Update translations from weblate
  • Added console and rename to lxd names auto complete
  • lxd/instance/drivers: Add ErrInstanceIsStopped
  • lxd/util/kernel: Renames HasFilesystem to SupportsFilesystem
  • lxd/daemon: util.SupportsFilesystem usage
  • lxd/storage/filesystem: Adds filesystem package and moves FilesystemDetect to it as just Detect
  • lxd/storage/drivers/utils: Removes hasFilesystem
  • lxd/storage/drivers/driver/btrfs: Replace hasFilesystem usage with filesystem.Detect
  • lxd/device: filesystem.Detect usage
  • lxd/instance/drivers: filesystem.Detect usage
  • lxd: filesystem.Detect usage
  • lxd/sys: filesystem.Detect usage
  • shared: Removes IsMountPoint and parseMountinfo
  • lxd/storage/filesystem/fs: Adds parseMountinfo and IsMountPoint
  • lxd/daemon: filesystem.IsMountPoint usage
  • lxd/device: filesystem.IsMountPoint usage
  • lxd/patches: filesystem.IsMountPoint usage
  • lxd/storage: filesystem.IsMountPoint usage
  • lxd/storage/filesystem: Adds StatVFS function
  • shared/util/linux: Removes Statvfs
  • lxd/storage/drivers/generic/vfs: filesystem.StatVFS usage
  • lxd/storage/filesystem/fs: Switch Detect to use StatVFS
  • lxd/storage/drivers: Error quoting
  • lxc: Provide more information on instance device actions
  • lxc: Update error message on non-existent device
  • po: Update translations
  • lxd/backup: Only write snapshot only name to backup index in volumeBackupWriteIndex
  • lxd/storage/backend/lxd: Handle both old (incorrect) / and only names in index file in CreateCustomVolumeFromBackup
  • lxd/storage/drivers: Initialise an empty volume config in the volumes returned from ListVolumes
  • lxd/storage/pool/interface: Adds ImportCustomVolume definition
  • lxd/storage/backend/mock: Adds ImportCustomVolume placeholder
  • lxd/storage/backend/lxd: Adds ImportCustomVolume implementation
  • lxd/storage/backend/lxd: Add custom volume support to ListUnknownVolumes
  • lxd/api/internal/recover: Add custom volume support to recover feature
  • lxd/api/internal/recover: Improve instance recover error messages
  • lxd/instance/drivers/driver/qemu: Remove isImport TODO consideration as lxd import doesn't exist anymore
  • lxd/storage/drivers/driver/zfs/volumes: Fix ListVolumes to detect custom block volumes
  • lxd/storage/backend/lxd: Improve error and logging of removal of left over image volumes in Delete
  • lxd/storage/drivers: Update ListVolumes of block backed drivers to detect duplicate image volumes and only return the block type
  • lxd/storage/backend/lxd: Fix type in comment in CreateCustomVolumeFromBackup
  • lxd/db: Add ClusterMemberStateEvacuated
  • lxd/db: Add function to change node status
  • lxd/db: Ignore evacuated cluster members in GetNodeWithLeastInstances
  • lxd/db: Include evacuated nodes and mark them accordingly
  • lxd/db: Add OperationClusterMemberEvacuate and OperationClusterMemberRestore
  • lxd/db: Add LocalNodeIsEvacuated
  • shared/instance: Add evacuation options
  • shared/api/cluster: Add ClusterMemberStatePost
  • lxd/instance/drivers: Add IsMigratable
  • lxd: Add forwardedResponseToNode
  • lxd: Add migrateInstance function
  • lxd: Add /1.0/cluster/member/{name}/state
  • lxd: Restrict operations on evacuated nodes
  • api: Add clustering_evacuation
  • client: Add UpdateClusterMemberState
  • lxc: Add cluster {evacuate,restore}
  • doc/rest-api: Refresh swagger YAML
  • doc: Mention new evacuation settings
  • test/suites: Add evacuation tests
  • test/suites: Clean up clustering_image_refresh
  • po: Update translations
  • lxd/db/generate/db: mention interface signatures in cli help
  • lxd/db/generate/file/snippet: add GenerateSignature
  • lxd/cgroup: Fix handling of non-systemd cgroup2
  • lxd/db/generate/db/stmt: implement empty GenerateSignature
  • lxd/db/generate/db/method: implement GenerateSignature and signature
  • lxd/db/generate/db/method: add isInterface argument to begin
  • lxd/db/generate/db/method: use signature instead of begin
  • lxd/db/generate/file/write: add resetInterface and appendInterface
  • lxd/db/interface/mapper: add generated interface files
  • lxd/db/generate/db/method: use GetOne/GetMany instead of Get/List
  • lxd/db: use GetOne/GetMany for generator comments
  • lxd/db/mapper: new generated code
  • doc/clustering: Mention evacuate/restore
  • lxd/db/generate/db/lex: add -by- field parsing helpers
  • lxd/db/generate/db/mapping: add ActiveFilters
  • lxd/db/generate/db/mapping: make FieldArgs and FieldParams methods on Mapping
  • lxd/db/generate/db/method: use operations to parse method kind
  • lxd/db/generate/db/method: use new Field argument parsing
  • lxd/db/generate/db/method: implement parameter-based delete methods
  • lxd/db: use -by- fields for delete generation comments
  • lxd/db/mapper: update generated code
  • lxd/db: use explicit arguments for delete
  • lxd/api/project: use explicit arguments for delete
  • lxd/cluster/membership: use explicit arguments for delete
  • lxd/instance/test: use explicit arguments for delete
  • lxd/operations/linux: use explicit arguments for delete
  • lxd/patches: use explicit arguments for delete
  • lxd/profiles: use explicit arguments for delete
  • lxd/db/generate/lex/case: lowercase ID and UUID
  • lxd/db/operations/mapper: update generated code
  • lxd/api/internal/recover: Search unknown volumes list for any instance volume and use that for pool DB recovery
  • lxd/main/recover: Add some output when starting potentially log processes
  • test: Ensure custom user config is restored during pool recovery from instance config
  • lxd/db/generate/db/parse: rename (Ref)Filters to (Ref)FiltersFromStmt
  • lxd/db/generate/db/method: use FiltersFromStmt
  • lxd/db/generate/db/method: add if block for empty filters
  • lxd/db/certificates: remove comparison flag from Fingerprint
  • doc: Add events doc to navigation
  • test: Switch recover tests to use a non-default project
  • lxd/api/internal/recover: Recover custom volumes before instance volumes
  • test: Add recover custom volume tests
  • lxd/storage/drivers/driver/cephfs/volumes: Implements ListVolumes function
  • lxd/api/internal/recover: Removes check for skipping unsupported storage pools in internalRecoverScan
  • lxd/api/internal/recover: Don't allow storage pool record recovery if clustered
  • lxd/main/recover: Don't offer the option to enter additional storage pools when clustered
  • lxd/storage/drivers: Prevent custom block volume export
  • lxd/device/disk: Update comment regading custom block volumes
  • lxd/device/disk: Check path property for filesystem volumes
  • lxc/storage: Allow attaching custom block volumes to VMs
  • po: Update translations
  • lxc/init: When using network flag support managed networks
  • lxd/init: Create NIC called eth0 with interface name eth0 when using --network flag
  • lxc/init: Improve errors so that it is clear what resource type isn't found
  • lxd/instance/drivers: Make volatile.uuid population code same for both drivers
  • lxd/instance/instance/utils: Populate volatile.uuid in CreateInternal if needed
  • lxd/instance/instance/utils: Adds MoveTemporaryName and IsSameLocgicalInstance functions
  • lxd/instance/post: instance.MoveTemporaryName usage
  • lxd/device/nic/bridged: Update duplicate validation to use instance.IsSameLocgicalInstance
  • test: Update container local cross pool handling to test for duplicate NIC check handling
  • test: Fix tests to use eth0 rather than attached network name
  • lxd: Hide built-in completion command
  • lxd/instance/instance/utils: Updates CreateInternal to create an operationlock as soon as its instance ID exists
  • lxd/api/internal: CreateInternal operationlock usage
  • lxd/instance: CreateInternal operationlock usage
  • lxd/instance/drivers/driver/common: CreateInternal operationlock usage
  • lxd/instances/post: CreateInternal operationlock usage
  • lxd/migrate/instance: CreateInternal operationlock usage
  • lxd: Update tests for CreateInternal usage
  • syscall_wrappers: don't conflict with glibc provided close_range()
  • lxd/db/certificates: add manual query for fingerprint with wildcard
  • lxd/db/certificates/test: remove wildcard from test
  • lxd/db/images: remove comparison flag from Fingerprint
  • lxd/db/images: add getImagesByFingerprintPrefix for wildcard querying
  • lxd/db/transaction: add prepare
  • Makefile: add goimports to update-schema
  • lxd/db/mapper: update generated code
  • lxd/db/generate/db/stmt: remove comparison tag handling
  • lxd/db/images/test: add TestGetImage
  • lxd/db/images: fingerprint to fingerprintPrefix and public to publicOnly
  • lxd/apparmor: Allow remount using strictatime
  • lxc/info: Improve output
  • lxc/info: Rework network information
  • lxc/info: Move to IEC units
  • i18n: Update translation template
  • tests: Update for lxc info changes
  • i18n: Update translations from weblate
  • lxd/db: use pointers for filter fields
  • lxd/db/generate/db/method: remove Criteria and check filter fields directly
  • lxd/db/generate/db/lex: check filter for nil fields instead of criteria
  • lxd/db/generate/db/mapping: remove unused functions
  • lxd/db/generate/db/parse: remove unused functions
  • lxd/db/generate/db/parse: return active and ignored filters from (Ref)FiltersFromStmt
  • lxd/db/generate/db/lex: check ignored fields are nil in activeFilters
  • lxd/db/generate/db/method: check ignored filters and error out if invalid
  • lxd/firewall: Rename DHCPDNS to ICMPDHCPDNS
  • lxd/firewall/nftables: Clarify comment
  • lxd/firewall/nftables: Allow ICMP
  • lxd/firewall/xtables: Allow ICMP
  • lxd/db/instances: omit InstanceType from -Ref methods
  • lxd/db/mapper: update generated code
  • images: use pointers for ImageFilter
  • operations: use pointers for OperationFilter
  • profiles: use pointers for ProfileFilter
  • snapshots: use pointers for InstanceSnapshotFilter
  • instances: use pointers for InstanceFilter
  • lxd/db/instances: remove InstanceFilterAllInstances
  • lxd/db/instances: add InstanceTypeFilter
  • lxd/db/instances: use InstanceFilter instead of optional args
  • lxd/use InstanceTypeFilter instead of optional args
  • lxd/db/instances: add empty string check for GetLocalNodeName
  • lxd/db/images: use ImageFilter for optional args
  • lxd/storage/pools: use ImageFilter for GetImages args
  • lxd/util: Add ceph config parser
  • lxd/storage/cephfs: Use new ceph parsing funtions
  • lxd/device/disk: Use new ceph parsing funtions
  • lxd/util: Make ceph.conf parser more tolerant

Try it for yourself

This new LXD release is already available for you to try on our demo service.

Downloads

The release tarballs can be found on our download page.

Binary builds are also available for:

  • Linux: snap install lxd
  • MacOS: brew install lxc
  • Windows: choco install lxc

Older news