Weekly status for the week of 22th July to 28th July.
Introduction
In the past week, LXD has received several bugfixes and features.
Extended the VM conversion API with option to inject virtio drivers
The conversion API already allows VM images that are uploaded to the LXD server to be converted into a raw disk format. In addition to format conversion, LXD is now capable of injecting virtio drivers into the resulting raw disk. However, currently, the virt-v2v-in-place tool needs to be manually installed on the host running the LXD server.
To inject VIRTIO drivers during conversion, enable virtio conversion option when invoking lxd-migrate:
# Enable only driver injection.
lxd-migrate --conversion=virtio
# Enable both image formatting and driver injection:
lxd-migrate --conversion=format,virtio
Note that when importing Windows images from external hypervisors, additional drivers need to be downloaded and placed in the appropriate directories according to the documentation.
Documentation: How to import physical or virtual machines to LXD instances
Support for starting instances on creation (from Incus)
A new field start has been added to the instance creation API request (POST /1.0/instances), which allows an instance to be started immediately after creation as part of the same request.
Documentation: How to create instances (API tab)
Bugfixes
-
Fixed an issue where virtiofs daemon would not start on older kernel versions. Virtiofs defaults to namespace sandbox mode, which requires
pidfd_opensupport intrduced in Linux5.3. LXD will now fallback to chroot sandbox mode if running on an older kernel. -
Project config can now be patched. Previously, the project config was entirely replaced with the request config, but now only the fields present in the request config are updated.
-
Fixed an issue where setting the project quota failed if the file disappeared during the directory walk.
-
Fixed AppArmor rules which prevented unprivileged Ubuntu 24.10 containers from starting. AppArmor rules now allow mounting with the
nosymfollowoption.
All changes
The items listed below is all of the work which happened over the past week and which will be included in the next release.
LXD
- Auth: Add project query parameter to URLs in authorizer
- lxd: Add support for starting instances on creation (from Incus)
- Add entitlements to metadata
- Extend conversion API with option to inject virtio drivers
- Openfga dependency update
- lxd: Update logic for project config patch
- fix(deps): update golang.org/x/exp digest to 8a7402a
- fix(deps): update module github.com/minio/minio-go/v7 to v7.0.74
- Update metrics.md to remove symlink trailing slash
- fix(deps): update module github.com/pkg/xattr to v0.4.10
- VM: Use virtiofsd chroot sandbox mode on pre pidfd_open kernels
- Doc: Add more details on Dell PowerFlex pool creation
- Backports (stable-5.21)
- Backports (stable-5.0)
- build(deps): bump github.com/pkg/xattr from 0.4.9 to 0.4.10
- doc/projects: fix documentation for PATCH request
- Backports (stable-5.21)
- doc/storage: change examples to sections instead of tabs
- github: Exclude lvm standalone tests as they fail on Github due to lack of space (stable-4.0)
- Release LXD 4.0.10 (stable-4.0)
- Storage: Don’t fail on setting dir project quota if file is removed during root fs walk
- lxd-migrate: Fix path provided to the raw disk check
- Specify subject name when generating keypair
- Doc: Additional examples for cluster storage pools using remote drivers
- Container: Allow apparmor nosymfollow mount flag in more cases
- Container: fix all apparmor ro+remount rules
- doc: Use consistent naming for remote pool creation examples
LXD UI
- Add link to the authentication setup FAQ from the certificate generation and reuse pages
- [WD-13254] test: network forms
LXD Charm
- Nothing to report this week
Distribution work
This section is used to track the work done in downstream Linux distributions to ship the latest LXD as well as work to get various software to work properly inside containers.
Ubuntu
- Nothing to report this week.
LXD snap
- snapcraft: Add
nvidia-ctkas part of the binary tool for Container Device Interface spec generation - Invoke virt-v2v-in-place on host
- lxd: Bump version to 5.21.2 (5.21-candidate)
- Pre LXD 4.0.10 (4.0-candidate)
- lxd: Bump to 4.0.10 (4.0-candidate)
- snapcraft/commands: Fix check for first execution during daemon start