Introduction
The LXD team is very excited to announce the release of LXD 5.19!
This release includes two new features from our roadmap, as well as better integration with MicroCeph, and fixes for several lxc exec related issues.
Enjoy!
New features and highlights
Instance volume configuration through disk device
It is now possible to provide initial storage volume settings for the root disk device during instance creation.
Because some of these settings influence how the storage volume is created and cannot be altered after creation, previously it meant that these volume settings had to be set on the storage pool before creating the instance. However this caused a problem because pool level volume settings are used for all new instances created on that pool. If you wanted to only use specific settings for certain instances, it meant an awkward “dance” of first setting the desired volume settings on the pool, then creating the instance(s), and finally undoing the pool volume setting changes afterwards.
Now it is possible to avoid that awkward process by providing storage volume settings for a particular instance at create time.
For example, to have a specific new instance on a ZFS pool use ZFS block mode previously it would have been necessary to do:
lxc storage set zfs volume.zfs.block_mode=true
lxc launch ubuntu:22.04 c1 --storage zfs
lxc storage volume get zfs container/c1 zfs.block_mode # Check its enabled.
lxc storage unset zfs volume.zfs.block_mode
But now you can use the new root disk initial. settings prefix to influence underlying storage volume at instance creation time:
lxc launch ubuntu:22.04 c1 --storage zfs --device root,initial.zfs.block_mode=true
lxc storage volume get zfs container/c1 zfs.block_mode # Check its enabled.
LXD will decide if it can use an existing optimized volume to create the instance and still satisfy the requested volume settings, and if not it will perform a non-optimized unpack of the requested instance image into a fresh volume.
Add support for per-NIC device limits.priority option
LXD has previously had an instance level setting called limits.network.priority which controlled the priority given to the instance’s network requests when under load.
However this feature had some limitations; it applied to all veth-based NICs attached to the container (which isn’t always desirable), it didn’t work with VMs and it and only worked on cgroupv1 systems as it used the net_prio cgroup which meant it increasingly it did not work on modern Linux systems (as there is no direct cgroupv2 replacement for net_prio).
However on newer kernels it is now possible to set priority using iptables or nftables which works with both cgroupv1 and cgroupv2.
To utilize this functionality LXD now has a per-NIC setting called limits.priority.
The new setting works with bridged, routed and p2p NIC types and controls the skb->priority value for outgoing traffic, which is used by the kernel queuing discipline (qdisc) to prioritize network packets.
E.g.
lxc launch ubuntu:22.04 c1 --device eth0,limits.priority=6
The new setting requires nftables with kernel 5.16 or newer to work fully.
If using iptables the setting does not work with bridged NIC devices.
The old instance level limits.network.priority setting is now considered deprecated.
Improved MicroCeph detection in the LXD snap package
The LXD snap package now detects that MicroCeph is installed using a snap content interface hook.
Now when MicroCeph is installed the LXD snap package will make the required internal changes to allow LXD to use MicroCeph package rather than Ceph from the host.
Previously this detection was only done at LXD daemon start time, and so if MicroCeph was installed after LXD had started then manual intervention was required to restart LXD.
Complete changelog
Here is a complete list of all changes in this release:
Full commit list
- doc: align with current doc starter pack
- doc: remove lxc from the wordlist
- patches: Don’t fail if no storage pools were found
- shared/simplestreams/products: Fix regression in lxd_combined.tar.gz handling
- loki: Sort context keys alphabetically
- client: check API extension for
instances_rebuild - loki: Check return value of reflect.TypeOf()
- loki: Fix labels names with hyphens
- doc: add link to Windows VM tutorial
- doc: update topical navigation
- doc: unpin Sphinx version
- doc: include the cheat sheet again
- api: Add event_lifecycle_name_and_project
- shared/api: Add Name and Project to EventLifecycle
- lifecycle: Add name and project for instance lifecycle events
- loki: Set
nameandprojectlabels if present - doc/api-extensions: Use
lifecycleconsistently - loki: Add hostname as
instancelabel value - lxd/main_init: use GiB instead of GB for storage-create-loop
- lxd/firewall: add support for InstanceSetupNetPrio/InstanceClearNetPrio
- lxd/device: extend networkSetupHostVethLimits signature
- lxd/device: add support for network device limits.priority option
- test: add test for limits.priority per-device setting
- api: instances_nic_limits_priority
- lxc/cgroup/init: change warning that network priority will be ignored without NetPrio cgroup
- doc: clarify that limits.network.priority option is deprecated
- shared/version/api: Add device-initial-configuration API extension
- doc/api-extensions: Add documentation for device-initial-configuration extension
- lxd/device/config/devices: Allow initial.* configuration keys
- lxd/storage/lxd_backend: Apply initial configuration when new instance is created
- lxd/device/config/devices: Add helper function that applies profile root device with initial values to the instance devices
- lxd/instances_post: Apply profile root disk device with initial configuration to instance devices
- lxd/instance/drivers/driver_lxc: Prevent updates of initial configuration values
- lxd/instance/drivers/driver_qemu: Prevent updates of initial configuration values
- lxd/device/nic_ovn: Prevent setting static IPv6 if static IPv4 is not set
- test/suites: Add initial configuration test
- test/main: Reference initial configuration test
- lxd/device/disk: Validate profile’s device initial configuration
- doc/reference/devices_disk: Add documentation for initial configuration
- lxd/storage/backend_lxd: Prevent usage of optimized image if zfs.blocksize differs
- makefile: use venv pip and not global pip
- lxd/storage/drivers: Adds further validation to common driver.
- lxd/storage: Remove check for mutually exclusive config options.
- test/suites: Adds checks for mutually exclusive config options.
- lxd: annotate project config options
- lxd/metadata: update configuration metadata
- doc: update doc config options
- doc: update project configuration table references
- shared/util: Add generic ValueInSlice function
- Replace StringInSlice with ValueInSlice
- Replace IntInSlice with ValueInSlice
- Replace Int64InSlice with ValueInSlice
- Replace Uint64InSlice with ValueInSlice
- lxd/resources: Use shared.ValueInSlice
- Replace RemoveElementsFromStringSlice with RemoveElementFromSlice
- doc: fix swagger display
- github: add differential shellcheck to get in PR feedback
- github: only try to upload differential shellcheck result if it ran
- lxd/firewall/drivers_nftables: fix hostVersion() description
- patches: Remove invalid block settings from existing volumes
- lxc/network-allocations: Fix project and remote usage.
- test/suites: Check that we can list allocations in a remote server.
- README: Update test status badge so it accurately shows status of tests.yml workflow
- README: remove CII Best Practices badge link
- Fix info --resources for wwan devices
- patches: Check server name when unsetting invalid block settings
- client/lxd/images: Propagate error (if any) when streaming split tarballs
- github: add more quotes around subshell
- github: run fsck on git objects (safety feature)
- github: sign commits (with SSH key) to repo on git.launchpad.net
- github: set -eux on shell snippet
- tests: Don’t use lxdbr0 in network tests
- lxc: Handle volume rename in
lxc storage volume movecommand - lxd: Fully configure new node from cluster config after it is added.
- doc/devices_nic: add missing column when
limits.prioritywas copy-n-pasted in - github: look for branch target name in PR title
- github: merge DCO and branch target jobs into one
- test: Rename custom volume using
lxc storage volume move - lxd/patches: Fix patchStorageRenameCustomISOBlockVolumes when no storage pools exist
- lxc/storage: Initialise storage pool config map if nil.
- build(deps): bump redhat-plumbers-in-action/differential-shellcheck
- github: Skip edge snap build for pushes on branches from dependabot
- client: Remove project from format string API path.
- client: Adds a flag to operations to skip event listener setup.
- client: Pass useEventListener flag into queryOperation.
- client/certificates: Update calls to queryOperation.
- client/cluster: Update calls to queryOperation.
- client/containers: Update calls to queryOperation.
- client/images: Update calls to queryOperation.
- client/instances: Update calls to queryOperation.
- client/projects: Update calls to queryOperation.
- client/storage_volumes: Update calls to queryOperation.
- scripts/bash: add missing
lxc config trustsubcommands - github: build static lxc and lxd-migrate bins for arm64
- doc: allow customising which anchors to ignore
- lxd: Move certificate type to certificate package.
- lxd/storage: Prevent duplicate usedBy profile device entries
- lxd/certificate: Adds a thread-safe certificate cache.
- lxd: Use certificate.Cache in the daemon.
- doc: add information about managing the snap
- doc/projects: fix typo “profiles” instead of “projects”
- doc/projects: point out that new projects don’t have a profile
- doc/support: clarify information about LTS releases and timing
- lxd-agent: Adds an operation wait endpoint.
- lxd: Properly forward rebuild requests
- Revert “github: build static lxc and lxd-migrate bins for arm64”
- github: build static lxc and lxd-migrate bins for arm64
- build(deps): bump golang.org/x/net from 0.15.0 to 0.17.0
- lxd/resources: if
SCSI_IDENT_SERIALis available, use it as serial nr beforeID_SERIAL_SHORT - tests: Fix storage volume recovery test
- tests: Fix syslog test
- tests: Add lxd-user test
- shared/version: Adds API extension.
- client: Check for operation wait extension and conditionally revert to events API.
- doc/howto/instances_routed_nic_vm: add missing EOF
- doc/howto/network_ipam: remove extraneous blank line
- doc/doc-lint: fix the linting script for new version of mdl
- doc: remove lxd.{ogg,wav} now that mp3 support is ubiquitous
- github: improve ceph test reliability
- github: reorder microceph setup steps to remove a sleep
- github: tune ext4 for speed and reclaim some space
- lxd/locking/lock: Return error if context got cancelled
- lxd/api: Handle error from lock
- lxd/daemon: Handle error from lock
- lxd/images: Handle error from lock
- lxd/instance: Handle error from lock
- lxd/instance/drivers: Handle error from lock
- lxd/storage/drivers: Handle error from lock
- lxd/network/driver/ovn: Handle error from lock
- lxd/storage/backend: Handle error from lock
- lxd/storage/s3/miniod: Handle error from lock
- shared/ws/mirror: Log as soon as io.Copy has finished in MirrorRead
- shared/ws/mirror: Removes unused context argument from Mirror*()
- client: ws.Mirror*() usage
- lxc-to-lxd: ws.Mirror*() usage
- lxd-agent: ws.Mirror*() usage
- lxd-migrate: ws.Mirror*() usage
- lxd: ws.Mirror*() usage
- shared/util/linux: Partially reverts 54e3da881103c42d6b4813e8930bde1b10edb236 and reintroduces GetPollRevents
- shared/util/linux: Adds execWrapper for use with ws.MirrorRead() and ws.Mirror()
- lxd/instance/exec: Use context.WithCancel rather than cancel
- lxd/instance/exec: Use shared.NewExecWrapper
- lxd-agent/exec: Use shared.NewExecWrapper and bring into line with container exec
- i18n: Update translations from weblate
- gomod: Dependency updates
- patches: Fix patch regarding unsetting zfs block settings
- lxd/storage/backend_lxd: Allow generating backup configuration w/o volume snapshots
- lxd/instance/drivers: Update func call
- shared/osarch: Add loongarch64
- internal/server/seccomp: Fix clang build
- client: Unset response header timeout when waiting for operations.
- test/suites/backup: Test instance export with instance-only flag
- test/main: Add invocation of instance export test
- github: use ppa:ubuntu-lxc/daily instead of ppa:ubuntu-lxc/lxc-git-master
- storage/backend_lxd: Replace ioutil.ReadAll() by io.ReadAll()
- lxd-metadata: Replace ioutil.{Read,Write}File() by os.{Read,Write}File()
- lxd/apparmor/rsync: Replace ioutil.WriteFile() by os.WriteFile()
- lxd/device_utils_generic: Replace ioutil.ReadDir() by os.ReadDir()
- lxd-agent: Fixes vsock listener restart on boot due to vsock module not being fully initialised
- lxd/vsock/vsock: Removes unused ContextID function
- lxd-agent: Fixes intermittent exec EOF closure when vsock listener is restarted just after boot
- shared/api/url: Fix double path encoding issue
- lxc: avoid returning early when multiple ephemeral instances are to be deleted
- test: test multiple ephemeral delete
- lxc/storage/volume: Move volume if a destination cluster member name is set
- test: Rename storage volumes in a cluster
- lxd/network/driver/bridge: Don’t consider an IP parse failure of a proxy listen address an error
- test/remote: switch to cloud-images.ubuntu.com URLs
- client/doc: use https://cloud-images.ubuntu.com/releases for simplestreams example
- github: Run push actions on main and release branches only
Downloads
The release tarballs can be found on our download page.
Binary builds are also available for:
- Linux: snap install lxd
- MacOS: brew install lxc
- Windows: choco install lxc