Weekly status for the week of 6th January to 12th January.

Introduction

The highlight of the past week is a new feature in LXD that enables attaching a VM root volume to another instance. Additionally, several bugs were fixed, and various improvements were made to error handling throughout the LXD codebase.

The temporary issues with the images: remote, caused by hardware failures, have also been resolved, and the remote is now fully functional. We are still working on restoring its IPv6 connectivity.

Thanks to all the contributors!

Allow attaching VMs root volumes as disk devices

LXD now allows attaching virtual machine volumes as disk devices to other instances.

In order to prevent concurrent access, security.protection.start must be set on an instance before its root volume can be attached to another virtual-machine.

lxc config set vm1 security.protection.start=true
lxc storage volume attach my-pool virtual-machine/vm1 vm2

Since simultaneous access to storage volumes with content-type: block is considered unsafe, certain limitations apply:

• When security.protection.start is enabled, the root volume can be attached to only one other instance. This is recommended for interactive use, such as when access to the block device is needed for volume recovery.

• Enabling security.shared removes the restriction of how many instances can access the block volume simultaniously. However, it comes with the risk of volume corruption.

• When neither security.protection.start nor security.shared is enabled, the root volume cannot be attached to another instance.

Documentation: Attach instance root volumes to other instances

Bug Fixes

• The API now supports fetching network zones from all projects. (from Incus)

• The lxc auto-completion has been further improved to provide correct suggestions for load balancer addresses when managing network forwards, as well as target addresses when adding new network forward ports. Additionally, auto-completion now supports the --project, --profile, and --mode flags.

• Improved lxc auto-completion for lxc file push|pull, which now suggests files within an instance. (from Incus)

All changes

The items listed below is all of the work which happened over the past week and which will be included in the next release.

LXD

• Network: Return ACL logs from syslogs when the OVN controller is deployed in MicroOVN
• Attach VM root volumes as disk devices
• API: Add all projects support for network zones (from Incus)
• CLI: lxc network forward completion improvements
• Misc fixes
• build(deps): bump github.com/go-acme/lego/v4 from 4.20.4 to 4.21.0
• build(deps): bump github/codeql-action from 3.27.9 to 3.28.0
• build(deps): bump actions/upload-artifact from 4.4.3 to 4.5.0
• build(deps): bump github.com/go-acme/lego/v4 from 4.20.4 to 4.21.0
• build(deps): bump actions/upload-artifact from 4.4.3 to 4.5.0
• build(deps): bump github/codeql-action from 3.27.9 to 3.28.0
• build(deps): bump google.golang.org/protobuf from 1.36.0 to 1.36.1
• build(deps): bump google.golang.org/protobuf from 1.35.2 to 1.36.1
• build(deps): bump google.golang.org/protobuf from 1.35.2 to 1.36.1 (stable-5.0)
• build(deps): bump golang.org/x/term from 0.27.0 to 0.28.0
• build(deps): bump github.com/openfga/openfga from 1.8.2 to 1.8.3
• build(deps): bump github.com/osrg/gobgp/v3 from 3.32.0 to 3.33.0
• build(deps): bump github.com/zitadel/oidc/v3 from 3.33.1 to 3.34.0
• build(deps): bump golang.org/x/oauth2 from 0.24.0 to 0.25.0
• build(deps): bump github.com/osrg/gobgp/v3 from 3.32.0 to 3.33.0
• build(deps): bump golang.org/x/oauth2 from 0.24.0 to 0.25.0
• build(deps): bump golang.org/x/term from 0.27.0 to 0.28.0
• build(deps): bump github.com/openfga/openfga from 1.8.2 to 1.8.3
• build(deps): bump github.com/minio/minio-go/v7 from 7.0.82 to 7.0.83
• lxd/patches: Remove volatile.%.last_state.ip_addresses keys more efficiently (stable-5.21)
• build(deps): bump golang.org/x/oauth2 from 0.24.0 to 0.25.0
• build(deps): bump github.com/osrg/gobgp/v3 from 3.32.0 to 3.33.0
• build(deps): bump golang.org/x/term from 0.27.0 to 0.28.0
• gomod: Dep updates (stable-5.21)
• CLI: Add lxc file completions and fix lxc profile copy completions (from Incus)
• lxc: Update auth group edit help text
• shared/entity: Fix and Enhance Project Query Parameter Handling in Entity URL Parsing
• CLI: lxc image alias completions (from Incus)
• CLI: Add flag completions for --project, --profile and --mode
• devlxd: Avoid superfluous call to WriteHeader
• devlxd: Unmask Render errors
• Storage: Add block reset logic
• lxd: lxd cluster show print bytes
• lxd/storage: Remove redundant error check
• doc: update ref to cloud-init docs
• github: add actions/reclaim-memory

LXD UI

• Avoid duplicate title setting from resource label and the table cell in identities list
• chore(deps): update all dependencies
• Do not limit length when using resource link is use in the main section
• Link idp group count to edit panel
• fix(test) doc links test
• chore(deps) update dependencies
• Avoid null pointer exception in storage pools.
• chore(deps) update demo server dependencies
• Rectify link to for operation status

LXD Charm

• Nothing to report this week

LXD Terraform provider

• Nothing to report this week

PyLXD

• Drop wait argument from image create
• Introduce missing fields on StorageVolume and Image

Distribution work

This section is used to track the work done in downstream Linux distributions to ship the latest LXD as well as work to get various software to work properly inside containers.

Ubuntu

• Nothing to report this week.

LXD snap

• snapcraft: lxcfs doesn’t need PAM dev libs
• snapcraft: Fix LXD snap bash completions
• build(deps): bump actions/upload-artifact from 4.4.3 to 4.5.0
• build(deps): bump actions/upload-artifact from 4.4.3 to 4.5.0
• lxd: Bump pre-LXD 5.21.3 commit (5.21-candidate)
• snapcraft/wrappers/gpu-2404-custom-wrapper: adjust XDG_DATA_DIRS env variable