LXD 5.20
·
4445 commits
to main
since this release
lxd-5.20
tomponline
Tom Parrott
This tag was signed with the committer’s verified signature.
tomponline
Tom Parrott
6b2c959
This commit was signed with the committer’s verified signature.
tomponline
Tom Parrott
Announcement
https://discourse.ubuntu.com/t/lxd-5-20-has-been-released/40865
What's Changed
- lxd: Initialise server name and global config before storage patches are run by @tomponline in #12421
- Use HTTP status codes constants instead of literal numerics by @simondeziel in #12424
- lxd/firewall: Fix nftables ACL template by @rafalborczuch in #12423
- lxd/patches: Add cluster check for patches fixing volumes by @monstermunchkin in #12430
- doc: update link to tool downloads by @ru-fu in #12427
- lxd: Update certificate cache again after cluster join. by @markylaing in #12428
- Fix missing etag when retrieving storage pool by @MusicDin in #12432
- Add staticcheck target by @simondeziel in #12422
- doc: add a note about go-lxc build issue when LXC_DEVEL=1 by @mihalicyn in #12420
- Doc updates 5.19 by @ru-fu in #12435
- Doc: remove undesired content by @ru-fu in #12440
- lxd/instance/drivers: Check running status with
InitPIDfor cgroups by @monstermunchkin in #12441 - shared/cliconfig: Nicer error on missing socket by @gabrielmougard in #12439
- Exec: Log error from io.Copy by @tomponline in #12443
- Ensure the remote connection using simplestreams is valid before adding it by @gabrielmougard in #12442
- Revert "Ensure the remote connection using simplestreams is valid before adding it" by @tomponline in #12446
- Candid + RBAC test suite by @markylaing in #12436
- doc: temporarily ignore MAAS links by @ru-fu in #12448
- loki: enable TLS verification if a CA cert is provided by @simondeziel in #12402
- Authentication method constants by @markylaing in #12450
- Require destination name when copying an instance on the same server by @MusicDin in #12447
- test/suites: Unsets RBAC configuration after test. by @markylaing in #12453
- Drop
GetTLSConfig()unused args by @simondeziel in #12452 - lxd/instance/driver/qemu: replace sha1 by sha256 in blockNodeName() by @simondeziel in #12454
- Refactors
projectParamfor use outside oflxddirectory by @markylaing in #12451 - lxd: Exec wrapper improvements by @tomponline in #12456
- Authorization refactor in preparation for fine-grained authorization by @markylaing in #12313
- lxd/cluster/config: Add missing bool default values by @MusicDin in #12460
- Support server side copy/move of custom storage volumes in clusters by @monstermunchkin in #12386
- doc/networking/firewall: add more restrictive UFW rules by @ru-fu in #12266
- readme: reference Ubuntu's LXD security page by @eslerm in #12444
- lxd/storage_volumes: Fix calls to QueryParam by @monstermunchkin in #12462
- gomod: Switch UUID package by @roosterfish in #12471
- lxd/patches: Ensure renaming is only done on cluster leader by @monstermunchkin in #12467
- test/suites: Fixes wait_no_operations helper. by @markylaing in #12464
- OpenFGA authorization driver by @markylaing in #12252
- lxc/network forward: Fix typo
porttoports. by @VergeDX in #12479 - doc: add page title for related links by @ru-fu in #12480
- Fix idmapped mount layer on intercepted mounts by @mihalicyn in #12484
- config: Ensure config key values are reset to their default by @monstermunchkin in #12483
- instance/lxc: Fix swap limit handling by @gabrielmougard in #12466
- test/deps: switch to ecdsa certificate by @simondeziel in #12472
- doc: small fixes OpenFGA docs by @ru-fu in #12485
- zfs: Support zfs pools containing '/' in the patch by @monstermunchkin in #12469
- Test metrics cert by @simondeziel in #12486
- metrics: Fix label merging in metric sets by @monstermunchkin in #12474
- lxd/device/proxy: Consider routed NIC IPs for wildcard target check by @tomponline in #12502
- lxd/network/driver/bridge: Improve comments for accept_ra by @tomponline in #12501
- Go: Bump minimum version to 1.20 by @tomponline in #12506
- test/lint: Removes openfga model linter. by @markylaing in #12509
- Always use
--withexec delimiterby @simondeziel in #12455 - Add NVME disk support by @simondeziel in #12500
- Fix load balancer port typo by @MusicDin in #12508
- Restrict user.* keys by @monstermunchkin in #12487
- Go 1.20 followup by @simondeziel in #12512
- lxc/delete: Include instance name in error message by @monstermunchkin in #12499
- Adds tests for OIDC by @markylaing in #12490
- shared/network: Only skip TLS verification if no remote certificate is available by @simondeziel in #12457
- lxc: Use volume copy when moving to target project by @roosterfish in #12521
- Trust ca certs by @markylaing in #12513
- lxd/instance/exec: Only use keepalives on TCP sockets by @cjwatson in #12530
- btrfs: Handle pools whose source is a subvolume outside of the pool mount path by @monstermunchkin in #12498
- client: Use io.Writer for Stdout/Stderr in InstanceExecArgs by @monstermunchkin in #12495
- Import from incus by @simondeziel in #12532
- config: Fix
acme.ca_urlshort description by @monstermunchkin in #12535 - lxd/instance/drivers/driver_qemu: force 4MB UEFI firmware in snap by @mihalicyn in #12515
- Read system certs directly from
/etc/sslby @masnax in #12541 - lxd/instance/drivers/driver_qemu: use OVMF_CODE.fd in a non-snap envi… by @mihalicyn in #12543
- lxd/instance/drivers/driver_qemu: add the boot.debug_edk2 option by @mihalicyn in #12522
- Add LXD server UUID file by @roosterfish in #12544
- doc/installing: LXC_DEVEL needs to be fixed on 22.04+ by @simondeziel in #12549
- Exec cleanup improvements by @tomponline in #12542
- Rename ring buffer to com.canonical.lxd by @MusicDin in #12548
- Few small changes to
lxd-agent-setupscript by @simondeziel in #12552 - github: instruct dependabot to also look after the stable-5.0 branch by @simondeziel in #12553
- Respect storage pool configuration when moving instance between projects by @MusicDin in #12412
- github: instruct dependabot to also look after the stable-4.0 branch by @simondeziel in #12556
- github: dependabot knows which branch to target by @simondeziel in #12561
- VM: Support bootorder in edk2 CSM mode by @mihalicyn in #12564
- Set specific root drive config only for Ceph backends by @roosterfish in #12569
- Use stable random generator for temporary instance name by @roosterfish in #12568
- Optionally create entities for
cephfsstorage pool by @masnax in #12538 - Use default VM block filesystem size from driver by @roosterfish in #12566
- Update iso import in instances_create by @MusicDin in #12572
- Improved filtering from Incus by @simondeziel in #12570
- doc/howto: Make pool name consistent in iso tutorial. by @markylaing in #12574
- Revert to filepath traversal if subvolume list fails by @markylaing in #12565
- doc/instances: change pool name to be consistent by @ru-fu in #12576
- Retain root disk device when moving an instance to different project by @MusicDin in #12575
- VM: Strip noisy eof error when lxd-agent disconnects during exec session by @MusicDin in #12580
- doc/support: add information about Ubuntu Pro by @ru-fu in #12585
- github: enable dependabot gomod checking for 4.0/5.0 stable branches by @simondeziel in #12588
- github: have curl fail instead of feeding bogus data on download error by @simondeziel in #12590
- Respect all flags when moving an instance by @MusicDin in #12563
- Add support for hotplug/hotremove of paths to VMs (Incus) by @MusicDin in #12603
- Feat/remove shiftfs by @gabrielmougard in #12516
- Revert OpenFGA authorization driver by @markylaing in #12609
- Set correct RBD content type for qemu drives by @roosterfish in #12616
- Fix instance name generation not respecting existing instances by @MusicDin in #12618
- gomod: Update dependencies by @tomponline in #12617
- Fix profiles not retained when instance is move between projects by @MusicDin in #12610
- Fix LXD lock-up on concurrent cluster joins. by @masnax in #12571
- test: if backend is ZFS (also through random backend) and version less than 2.2, skip idmapped mount by @gabrielmougard in #12612
- github: stop dependabot from looking after 4.0 gomods by @simondeziel in #12615
- build(deps): bump actions/labeler from 4 to 5 by @dependabot in #12621
- lxd/apparmor: Allow qemu access to microceph conf by @masnax in #12622
- Add new ServerClustered field by @simondeziel in #12623
- Fix missing config defaults by @roosterfish in #12625
- Discover MinIO port using IPv4 address family by @roosterfish in #12627
- Prevent panic when devlxd server is stopped by @MusicDin in #12634
- doc/cloud-init: overwrite link text to make spell checker happy by @ru-fu in #12635
- Always copy Ceph VMs filesystem volume by @roosterfish in #12632
- client: Always use event listener for operations. by @markylaing in #12641
- Set keep-alive headers early in operation wait handler by @markylaing in #12640
- Fix VM live migration regression in edge by @roosterfish in #12644
- Adds the revive linter. by @markylaing in #12646
- Storage: Fixes from Incus by @tomponline in #12649
- doc: fix broken links by @gabrielmougard in #12650
- build(deps): bump actions/setup-go from 4 to 5 by @dependabot in #12653
- client: Discard non-interactive stdout/stderr output if writer(s) not supplied in ExecInstance by @tomponline in #12654
- doc/storage/cephfs: specify that you can automatically create pools by @ru-fu in #12661
- Change license to AGPLv3 by @tomponline in #12663
New Contributors
- @rafalborczuch made their first contribution in #12423
- @VergeDX made their first contribution in #12479
- @cjwatson made their first contribution in #12530
Full Changelog: lxd-5.19...lxd-5.20
Contributors
mihalicyn, monstermunchkin, and 13 other contributors