Weekly status for the week of 8th July to 14th July.

Introduction

The highlight of the past week was the release of LXD 6.1. Please see the release notes for more details.

Bugfixes

• Fixed an issue where a custom block volume could be attached to multiple instances which could result in potential data loss. Now, custom block volumes cannot be attached to multiple instances without explicitly setting the new configuration key security.shared to true.

• Fixed an issue where generated client tokens were rejected when an LXD cluster was added as a remote if the target server used was not the same one that generated the token. The certificate add operation metadata was incorrectly unmarshalled during internal communication between cluster members, causing the token to be accepted only by the cluster member that initially generated it.

• Web socket keepalives are no longer used for UNIX sockets because it was causing occasional unexpected EOF errors on arm64 and riscv64 architecture.

All changes

The items listed below is all of the work which happened over the past week and which will be included in the next release.

LXD

• Prevent custom block volume sharing
• Preparation for 4.0.10 (stable-4.0)
• Enable mTLS for server certificates (stable-4.0)
• fix(deps): update golang.org/x/exp digest to 46b0784
• fix(deps): update module github.com/minio/minio-go/v7 to v7.0.73
• Release LXD 6.1
• Backports (stable-5.21)
• build(deps): bump github.com/dell/goscaleio from 1.14.1 to 1.15.0
• build(deps): bump github.com/osrg/gobgp/v3 from 3.27.0 to 3.28.0
• build(deps): bump github.com/dell/goscaleio from 1.14.1 to 1.15.0
• build(deps): bump github.com/osrg/gobgp/v3 from 3.27.0 to 3.28.0
• build(deps): bump golang.org/x/term from 0.21.0 to 0.22.0
• doc/metadata: Drop now unused file (stable-5.0)
• Update first_steps.md
• test/main: don’t check for xgettext command
• Update short description for the OIDC groups claim
• lxd/instance/exec: Only use keepalives on TCP sockets
• Extract certificate add token metadata from remote member
• Improve test reliability (stable-4.0)
• build(deps): bump google.golang.org/grpc from 1.64.0 to 1.64.1
• test/suites: Grep for trusted certificate names with -wF flags (stable-4.0)
• Backports (stable-5.21)
• Backports (stable-5.0)
• Test certificate add token remote operation
• Extract certificate add token metadata from remote member (stable-5.21)
• test: replace many grep -Fx by shell comparison
• test/suites/backup: cleanup
• test: use my_curl() helper where applicable
• lxd: Improve certificate add token validation
• Backports (stable-5.21)

LXD UI

• fix(login) use trust_token as a field name in the payload
• chore(readme) suggest the default channel when installing lxd
• fix(network) allow disabling of dhcp in ipv4/ipv6 network configuration

LXD Charm

• Nothing to report this week

LXD Terraform provider

Last week, Terraform LXD provider has received a new release 2.2.0. Some highlights are:

• Support for remote LXD authentication using trust token
• Support for custom simplestream remotes
• New resource for adding client certificates into LXD trust store
• New resources for network forwards and ACL rules - from Incus

Distribution work

This section is used to track the work done in downstream Linux distributions to ship the latest LXD as well as work to get various software to work properly inside containers.

Ubuntu

• Nothing to report this week.

LXD snap

• LXD 6.1 updates (latest-candidate)
• lxd: Update snap release version to 6.1 (latest-candidate)
• lxd-ui: Bump to 0.10 (latest-candidate)
• lxd-migrate: Remove left over files (latest-candidate)
• Dependency updates (5.21-edge)
• lxd: Cherry-pick upstream bugfixes (5.0-candidate)
• lxd: Cherry-pick upstream bugfixes (5.0-candidate)
• netfilter: Switch to upstream source tarballs for libmnl and libnftnl
• Ceph snappy
• Cherry-picks (latest-candidate)
• lxd: Cherry-picks (latest-candidate)
• Pre LXD 5.21.2 updates (5.21-candidate)
• netfilter: Switch to upstream source tarballs for libmnl and libnftnl (5.21-edge)
• lxd: Cherry-picks (5.0-candidate)
• lxd: Remove earlier cherry-picks (5.21-candidate)
• lxd: Use different commit for cherry-pick (5.0-candidate)
• lxd: Pre 5.21.2 (5.21-candidate)
• lxd: Cherry-picks (latest-candidate)
• lxd-ui: Bump to 0.11 (latest-candidate)
• lxd-ui: Bump to 0.8.3 and switch to source-commit hash (5.21-candidate)
• snapcraft: add rust-channel to virtiofsd rust part