Introduction

The LXD team is very excited to announce the release of LXD 3.4!

The main highlight for this release is the major performance improvement that made it in.

We upgraded to a newer version of our database backend, introduced new internal APIs for batch queries, made it possible to query all container states in one API call and fixed a number of bottlenecks that were quite negatively affecting cluster performance.

Initial tests show that a cluster running several thousand containers will now usually return basic container status ( lxc list --fast ) in just a couple of seconds with most other operations also significantly faster than in the past. Things aren’t quite as fast as we’d like them to be yet, especially when querying the full container state of hundreds/thousands of containers ( lxc list ) but we’re working on a few options to improve that too.

As for new features, we added progress reporting to a few missing commands in our command line client, added support for aliasing to external commands and added support for cross-host DNS when using a Fan bridge on a LXD cluster.

Enjoy!

Important notes

Fixed container snapshot and backup naming

In the past, the name property of all snapshots and backups included the container name followed by a slash and then by the snapshot or backup name.

This was redundant given that you could only get this information by querying a particular container.

The API now only returns the snapshot or backup name but LXD still understands the old syntax to allow for migrations and restoring of existing backups.

Switched to a newer implementation of dqlite

dqlite , the distributed sqlite3 implementation that we started using for LXD in LXD 3.0 has been significantly reworked to remove a number of performance bottlenecks.

Most of the database logic is now done inside a C library ( libdqlite ) with a matching Go package ( go-dqlite ) providing the SQL interface for LXD.

The on-disk format remains unchanged, so there’s no risky upgrade step for this but packagers need to be aware of the new library and package it with LXD.

Renamed lxc remote set-default to lxc remote switch

We renamed lxc remote set-default to the much friendlier and shorter lxc remote switch , this is in preparation for work on LXD projects which will have a similar switch subcommand.

lxc remote set-default remains valid as an alias of lxc remote switch .

Renamed the macaroon authentication options to candid

Now that a standard implementation of macaroon based authentication is publicly available in the Candid project we have updated LXD to support it and renamed our configuration options to match.

This primarily affects the old core.macaroon.endpoint which has now been renamed to candid.api.url . Upgrading to LXD 3.4 will automatically convert one into the other.

New features

Fan-aware DNS resolving for clusters

One problem several users ran into when running a LXD cluster using the Ubuntu Fan as an overlay network was that even though all traffic was properly routed between the various nodes, attempting to resolve the name of a container would only work if it happened to be running on the same cluster node.

LXD 3.4 changes that by now attempting to resolve DNS queries for the network’s defined domain ( lxd by default) against all of the nodes until one returns a value, making it feel like it’s all handled by a single unified DNS server.

Faster API for container status

A new /1.0/containers?recursion=2 API has been added which allows for retrieving all containers, their configuration, their state, their snapshot list and their backup list in a single call.

This effectively lets you move from making 1 main API call followed by 3 additional calls per container to just doing a single call.

Progress information in lxc file and lxc import

Transferring files or uploading a backup to LXD will now get you progress information.

When available, you’ll get the percentage transferred and current speed, when the size is unknown, you’ll still get how much was transferred and the transfer speed.

Aliases to external commands

It’s now possible to setup aliases in the command line client which point to external commands. All you have to do is have the alias begin with the absolute path to the command to execute.

lxc alias add my-script "/usr/local/bin/myscript @ARGS@ --extra-args"

File capabilities support

All calls to tar and rsync now pass the required options to save and restore extended attributes, including file capabilities.

On top of that, we’ve implemented logic in our idmap package to shift and unshift files that include file capabilities, using the recently introduced unprivileged file capabilities.

On suitable kernels (upstream 4.14+) this will now allow LXD images to include file capabilities for utilities such as ping or mtr and have users of privileged or unprivileged containers alike be able to set and use those capabilities.

Bugs fixed

client: Centrally handle targeting

client: Fix CopyContainerSnapshot API

doc: Fix API output for snapshots

doc: Fix typo in storage documentation

doc: Update README to cover make deps and new requirements

and new requirements doc: Update requirements

global: Support xattrs in rsync calls

global: Support xattrs in tar calls

global: Unify error messages

i18n: Update translations from weblate

i18n: Update translation templates

lxc: Allow aliases to external commands

lxc: Make answer to remote add translatable

lxc/container: CEPH also needs offline quotas

lxc/copy: Update to fixed CopyContainerSnapshot

lxc/file: Show progress

lxc/image: Fix URL-based imports

lxc/import: Show progress

lxc/list: Port to ContainerFull

lxc/list: Support for recursion=2

lxc/remote: Fix crash on bad remote name

lxc/remote: Rename set-default to switch

lxc/storage: Fix bad argument parsing

lxc/utils: Handle empty progress

lxc-to-lxd: Fix lxc.rootfs parsing

lxc-to-lxd: Fix rootfs tests

lxd: Add dns forwarder

lxd: Don’t include container name in backups/snapshots

lxd: Fix --syslog flag

lxd: Port over to new containerLoadAll function

lxd: Port over to new containerLoadNodeAll function

lxd/backups: No need for interfaces

lxd/cluster: Allow for MemberConfig to be empty in new join API

lxd/cluster: Fix typo in errors

lxd/cluster: Fix unit test regression

lxd/cluster: Only query the containers we need

lxd/cluster: Properly skip pending networks/pools

lxd/cluster/gateway: Log proxy errors

lxd/cluster/gateway: Tweak errors

lxd/containers: Add helpers for retrieving containers

lxd/containers: Don’t flush leases for snapshots

lxd/containers: Fetch containers info in parallel

lxd/containers: Implement support for recursion=2

lxd/containers: Improve shutdown logic for cluster nodes

lxd/containers: Only get the profiles once

lxd/containers: Speed up recursive list

lxd/containers: Use internal struct values

lxd/db: Adapt main package to new cluster sub-package API

lxd/db: Add ContainerArgsList and ContainerArgsNodeList

lxd/db: Add support for “lxd sql global .sync”

lxd/db: Capitalize error messages

lxd/db: Drop go-1.6 backward compatibility

lxd/db: Drop raft snapshot workaround

lxd/db: Fix lints

lxd/db: Fix snapshot filtering

lxd/db: Fix some missing error checks

lxd/db: Limit open connections to local db after initialization

lxd/db: Redirect dqlite logging to lxd logging

lxd/db: Re-enable empty table checks

lxd/db: Replace grpc-sql with dqlite custom protocol

lxd/db: Use mattn’s sqlite3 bindings instead of our fork

lxd/db: Wire dqlite server

lxd/forkproxy: use correct types for {g,u}ids

lxd/images: Cleanup any leftovers on startup

lxd/images: Send a notification to other nodes when an image is removed

lxd/import: Fix support for snapshots without container name

lxd/init: Make use of the new cluster join API

lxd/networks: Add support for FAN clustered DNS

lxd/networks: Don’t try listing containers for lo

lxd/networks: Drop unused db property

lxd/networks: Fix packet stats logic for containers

lxd/networks: Ignore veth devices

lxd/networks/state: Skip non-existing interfaces

lxd/patches: Fix “no transaction is active” error during database updates

lxd/state: Add endpoints to state struct

lxd/storage: Cache storage version

lxd/storage: Don’t log every storage init

lxd/storage/ceph: Fix default container quotas

lxd/storage/zfs: Optimize getting disk usage

Makefile: Add deps target

Makefile: Drop gccgo

Makefile: Drop outdated comment

Makefile: Fix tags handling

Makefile: Fix typo in .PHONY

Makefile: Include dqlite in dist tarball

Makefile: Rename protobuf to update-protobuf

Makefile: Require libsqlite3

Makefile: Respect CGO_CFLAGS

Makefile: Set PKG_CONFIG_PATH

Makefile: Tweak sqlite build flags

Makefile: Use shallow clone for dist

Makefile: Use shallow clone for deps

shared/api: Define ContainerFull

shared/idmap: C coding style fixups

shared/idmap: Convert uid from big to little endian

shared/idmap: Fix xattr.h import

shared/idmap: Shift fscaps

shared/idmap: s/set_caps/set_vfs_ns_caps/g

tests: Add test for cluster shutdown logic

tests: Fix lxc-to-lxd unit tests

tests: Fix new storage get/set test

Try it for yourself

This new LXD release is already available for you to try on our demo service.

Downloads

The release tarballs can be found on our download page.