Weekly status for the week of 19th February to 24th February.

Introduction

This past week has seen the arrival of two of our roadmap items; Dell Powerflex and UEFI variable editing support, as well as several improvements for VM functionality.

LXD

New Dell Powerflex storage driver

There are various enablement activities between Dell and Canonical as a part of our ongoing partnership. The latest of them is adding the ability for LXD to interface directly with its PowerFlex storage services in order to allow LXD instances and volumes to be stored on the platform.

Due to its design, PowerFlex will be another LXD storage driver offering remote storage capabilities similar to the already existing implementation for Ceph RBD.

The Powerflex driver also required modifications to the storage subsystem in LXD in order to accommodate the requirement of each volume having its own volatile.uuid property which is used by the Powerflex driver to generate a volume name in the Powerflex system. This allows LXD to overcome the volume length restrictions in Powerflex.

Documentation: Dell PowerFlex

Direct modification of VM UEFI variables (LXD snap only).

It is now possible to directly, and programmatically modify a VM’s UEFI variables using the new lxc config uefi command(s). This allows for customisation of the boot environment (such as customising the secure boot keys) without having to go into the VM’s UEFI firmware screen.

Documentation: UEFI variables for VMs

Device override when importing instance from backup file

It is now possible to use the --device flag when importing an instance from a backup file using lxc import. This allows for overriding the device config used when creating the instance, similar to the --device flag available on the lxc launch and lxc init commands.

VMs can be started with migration.stateful enabled and root disk’s size.state unset

Previously when using a VM with migration.stateful enabled (which allows for both stateful stop and live migration) the instance’s root disk would also need the size.state property to be set before the VM could be started. This check has now been deferred until the VM is attempted to be live migrated or statefully stopped. Additionally it is now possible to set the size.state property on a VM’s root disk whilst the VM is running.

API how-tos in the documentation

The documentation has been extended with an initial set of API how-tos to aid users when integrating with LXD’s API directly. These API examples are being added to each section of the documentation alongside the examples using the lxc CLI tool.

VM config volumes now ignore pool’s volume.block.filesystem setting

When using VMs atop of a storage pool that uses block backed volumes (such as LVM or Ceph RBD) the pool’s volume.block.filesystem setting is now ignored for new VMs, and the default filesystem (ext4) is always used.

This is because newer versions of xfs require the minimum volume size to be 300MiB, which was deemed wasteful for LXD’s VM config volume (especially on non-thinly provisioned pools), as it only requires less than 50MiBs. Additionally as the VM config volume is effectively an internal implementation detail and is not exposed to the VM or the end user directly using the specified filesystem, it was deemed acceptable for this to not be modifiable.

Bug fixes

• Fixed an issue when rsync was being used for file transfer and the AppArmor profile being applied to it was prematurely removed, meaning that the transfer failed when used with the LXD snap. This is being backported into 5.0-stable branch and will be cherry-picked into the 5.0/stable snap channel.
• Fixed regression with the authorization subsystem not expanding partial image fingerprints, nor taking into account effective projects when checking for access leading to overly restricted access in some cases.
• Fixed an issue with a recent storage patch that incorrectly removed block.filesystem* settings for VM config drives on LVM and Ceph RBD. It should have only removed them from custom block volumes.

All changes

The items listed below is all of the work which happened over the past week and which will be included in the next release.

LXD

• Add device parameter for importing instance command
• Add Dell PowerFlex storage driver
• DB: Move db functions to ClusterTx
• Doc: Add API instructions to instances how-tos
• VM instance’s UEFI variables manipulation support
• Auth: Expand certificate/image fingerprints and handle effective projects in authorization check.
• Storage: Set the volume UUIDs consistently
• Storage: Pass a VolumeCopy to genericVFSCopyVolume
• Storage: Move snapshot comparison logic into the driver
• Move entity package back to shared
• Instance: Allow a stateful VM to be started even if its root disk size.state parameter is not set
• Doc: Howto loki
• Remove more container runtimes from GitHub runners
• Storage: Reuse the driver’s snapshot comparison after import
• Storage: Update instance volume config when saving file
• README: fix link to translations on Weblate
• Storage: Misc backports (stable-5.0)
• doc/requirements: ZFS 2.1 or higher is required
• Storage: Clone PowerFlex volume copies by default
• doc/getting started: update how to access the UI
• Auth: Ensure the default config expiry interval is set.
• lxd/rsync: Remove apparmor profile after finishing rsync send
• Qemu: Revert linter fix
• Doc: small fixed to Powerflex documentation
• Storage: Also use VolumeCopy struct for migrations
• scripts/bash/lxd-client: add bash completion for lxc config uefi
• Doc: add API instructions for images
• doc/images: minify .png
• Doc: Mention that SVG/PNG are preferred in CONTRIBUTING
• Storage: Always use default block.filesysem for VM config volumes
• lxd: Fix incorrect network device attach warnings
• Storage: Fix block volume patch
• Instance: Fix device override issues during import
• Instance: Check if VM is running earlier to prevent etag errors when setting UEFI vars
• doc/images: quote command containing asterisk
• Storage: Pass right volume name when refreshing custom volumes
• Backport rsync apparmor fix (stable-5.0)
• Backport volume.block.filesystem restriction (stable-5.0)
• client: Add API extension check for instance import with device override support
• Backport go tip fixes (stable-5.0)
• Instance: Initialise UEFI vars NVRAM on first access if needed

LXD Charm

• Nothing to report this week

Distribution work

This section is used to track the work done in downstream Linux distributions to ship the latest LXD as well as work to get various software to work properly inside containers.

Ubuntu

• Nothing to report this week.

Snap

LXD snap

• snapcraft: add python-uefivars
• snapcraft: (re)prime usb.ids
• snapcraft: add libSegFault.so to the prime step (5.0-edge)
• Replace snap-query (Go) by python implementation
• Only support ZFS 2.1 and up
• snapcraft: have dqlite build raft
• Revert “snapcraft: have dqlite build raft”
• snapcraft: prime only needed python bits for pyuefivars