LXD 6.2

Announcement

https://discourse.ubuntu.com/t/lxd-6-2-has-been-released/49889

What's Changed

• build(deps): bump github.com/dell/goscaleio from 1.14.1 to 1.15.0 by @dependabot in #13717
• build(deps): bump github.com/osrg/gobgp/v3 from 3.27.0 to 3.28.0 by @dependabot in #13718
• Update first_steps.md by @ancollins24 in #13725
• test/main: don't check for xgettext command by @simondeziel in #13726
• Update short description for the OIDC groups claim by @markylaing in #13727
• lxd/instance/exec: Only use keepalives on TCP sockets by @tomponline in #13731
• build(deps): bump google.golang.org/grpc from 1.64.0 to 1.64.1 by @dependabot in #13735
• Extract certificate add token metadata from remote member by @markylaing in #13733
• Prevent custom block volume sharing by @hamistao in #13183
• Test certificate add token remote operation by @markylaing in #13740
• test: replace many grep -Fx by shell comparison by @simondeziel in #13744
• test: use my_curl() helper where applicable by @simondeziel in #13747
• lxd: Improve certificate add token validation by @tomponline in #13749
• test/suites/backup: cleanup by @simondeziel in #13745
• fix(deps): update module github.com/zitadel/oidc/v3 to v3.26.0 by @renovate in #13761
• build(deps): bump github.com/go-jose/go-jose/v4 from 4.0.2 to 4.0.3 by @dependabot in #13762
• fix(deps): update k8s.io/utils digest to 18e509b by @renovate in #13758
• VM: External QEMU snap support by @mihalicyn in #13742
• Try to extract version creation/upload time for simplestream images by @MusicDin in #13767
• Removes CODEOWNERS file by @tomponline in #13771
• Fix devlxd image export by @markylaing in #13730
• Instance: Allow nosymfollow mount flag for container apparmor profile by @mihalicyn in #13681
• Device: Fix crash when none type device is added to running instance by @tomponline in #13775
• Ensure supported drivers are always in the same order by @MusicDin in #13778
• Hint shellcheck that bash is used for all test scripts by @simondeziel in #13776
• doc/authentication: clean up PKI instructions by @ru-fu in #13772
• Allow instance import from QCoW2 and VMDK format by @MusicDin in #13385
• lxd/apparmor: allow userns for security.nesting=true case by @mihalicyn in #13779
• lxd: Standardise on "err" field in contextual logging for error by @tomponline in #13781
• fix typo in index.md by @s-makin in #13784
• Improve ioctl handling (from Incus) by @tomponline in #13783
• Make migration sink arguments private by @MusicDin in #13598
• doc/contributing: add section on how-tos by @ru-fu in #13785
• Lower qemu-img convert priority during conversion instead of limiting cpu time by @MusicDin in #13787
• lxd: Update logic for project config patch by @boltmark in #13786
• fix(deps): update module github.com/pkg/xattr to v0.4.10 by @renovate in #13792
• fix(deps): update module github.com/minio/minio-go/v7 to v7.0.74 by @renovate in #13789
• fix(deps): update golang.org/x/exp digest to 8a7402a by @renovate in #13788
• Openfga dependency update by @hamistao in #13780
• Update metrics.md to remove symlink trailing slash by @JohnHammell in #13790
• VM: Use virtiofsd chroot sandbox mode on pre pidfd_open kernels by @tomponline in #13794
• doc/projects: fix documentation for PATCH request by @ru-fu in #13803
• Add entitlements to metadata by @markylaing in #13728
• Doc: Add more details on Dell PowerFlex pool creation by @roosterfish in #13795
• doc/storage: change examples to sections instead of tabs by @ru-fu in #13805
• lxd-migrate: Fix path provided to the raw disk check by @MusicDin in #13816
• Storage: Don't fail on setting dir project quota if file is removed during root fs walk by @tomponline in #13815
• lxd: Add support for starting instances on creation (from Incus) by @boltmark in #13695
• Container: Allow apparmor nosymfollow mount flag in more cases by @mihalicyn in #13820
• Specify subject name when generating keypair by @masnax in #13817
• Doc: Additional examples for cluster storage pools using remote drivers by @roosterfish in #13819
• Container: fix all apparmor ro+remount rules by @mihalicyn in #13826
• Extend conversion API with option to inject virtio drivers by @MusicDin in #13748
• Auth: Add project query parameter to URLs in authorizer by @markylaing in #13317
• doc: Use consistent naming for remote pool creation examples by @roosterfish in #13827
• fix(deps): update module github.com/go-jose/go-jose/v4 to v4.0.4 by @renovate in #13832
• fix(deps): update github.com/openfga/api/proto digest to 7e5be7b by @renovate in #13831
• Auth: Add storage volume and bucket location to URL in access check by @markylaing in #13517
• doc: Update rhsrvany link and fix code blocks by @MusicDin in #13833
• VM: Add support for extended attributes for virtiofs shares by @Ardelean-Calin in #13830
• lxd/seccomp: fix bpf syscall number for arm64 by @mihalicyn in #13841
• lxd/include: update bpf header files by @mihalicyn in #13842
• Live migration with attached storage volumes (from Incus) by @markylaing in #13823
• Add security.protection.start to optionally prevent instance start up by @qianzhangxa in #13824
• Device: Use -o flag for xattr mode of virtiofsd for disk device by @tomponline in #13845
• lxd: Ensure file is created when receiving raw image by @MusicDin in #13847
• VM: Don't fail event sending on missing agent (from Incus) by @boltmark in #13856
• Instance: Fix deadlock during failed snapshot creation by @MggMuggins in #13821
• lxd/zfs: Always try to wait for device path to appear (from Incus) by @MusicDin in #13861
• gomod: Update dependencies by @tomponline in #13858
• Entity type refactor (simplified) by @markylaing in #13846
• lxd/firewall/drivers: Fix netprio error message by @MggMuggins in #13864
• lxd: Add tracker for qemu-img progress (from Incus) by @MusicDin in #13848
• fix(deps): update module golang.org/x/sync to v0.8.0 by @renovate in #13867
• fix(deps): update module golang.org/x/oauth2 to v0.22.0 by @renovate in #13866
• lxc: Add support for creating profile from yaml (from Incus) by @gabrielmougard in #13849
• lxd: Prevent conversion from OVA file format by @MusicDin in #13877
• build(deps): bump golang.org/x/sys from 0.22.0 to 0.23.0 by @dependabot in #13871
• Image export over devlxd for virtual machines by @markylaing in #13878
• lxd-migrate: Properly handle projects (from Incus) by @MusicDin in #13880
• Adds an API extension for image export over devlxd in VMs by @markylaing in #13882
• github: Replacing @ru-fu for doc triage by @mionaalex in #13881
• doc: Update architectures documentation (from Incus) by @kadinsayani in #13851
• doc/tutorial: add a UI tutorial by @ru-fu in #13876
• github: Disable renovate by @tomponline in #13884
• doc: unpin Swagger version by @ru-fu in https:/...

LXD 5.0.4

Announcement

https://discourse.ubuntu.com/t/lxd-5-0-4-lts-has-been-released/49681

What's Changed

Full Changelog: lxd-5.0.3...lxd-5.0.4

LXD 4.0.10

Announcement

https://discourse.ubuntu.com/t/lxd-4-0-10-lts-has-been-released/46687

What's Changed

Full Changelog: lxd-4.0.9...lxd-4.0.10

LXD 5.21.2

Announcement

https://discourse.ubuntu.com/t/lxd-5-21-2-has-been-released/46443

What's Changed

Full Changelog: lxd-5.21.1...lxd-5.21.2

LXD 6.1

Announcement

https://discourse.ubuntu.com/t/lxd-6-1-has-been-released/46259

What's Changed

• ui: add server-side gzip and security headers for LXD UI by @gabrielmougard in #13100
• Storage: Cleanup on failure in BTRFS RefreshVolume by @tomponline in #13102
• Auth: Remove can_view_configuration entitlement. by @markylaing in #13106
• Auth: Ensure projects cannot be edited or deleted by restricted clients. by @markylaing in #13107
• github: fix branch target name/version extraction logic by @simondeziel in #13110
• Network: Only stop OVN device if network is populated by @roosterfish in #13114
• client: Unset project when querying permissions. by @markylaing in #13116
• lxc: Remove impossible condition in copy by @hamistao in #13119
• Update starterpack by @ru-fu in #13117
• Doc: Fix CLI instructions for changing an image alias by @ru-fu in #13123
• doc: install extra tools inside the environment by @ru-fu in #13125
• VM: Restore 50MB tmpfs for lxd-agent as it will likely exceed 25MB by @tomponline in #13126
• doc/UI: reword status of the LXD UI by @ru-fu in #13128
• Auth: Don't build authorization drivers into the lxd-agent by @tomponline in #13129
• Makefile: consistently use pip by @simondeziel in #13131
• Storage: Specify a port for minio --console-address by @masnax in #13140
• lxc: Print "permission denied" when LXD socket isn't writable by @MggMuggins in #13120
• doc: Add CLI examples for unix-* devices by @ru-fu in #13146
• Doc: Documentation for identity and access management by @markylaing in #13134
• Test: Check version number format (X.Y.Z for LTSes, X.Y otherwise) by @simondeziel in #13139
• Auth: Remove no-op authorizer interface methods. by @markylaing in #13153
• lxc: Correctly parse remote when listing permissions. by @markylaing in #13144
• Doc: Add CLI examples for proxy device by @ru-fu in #13160
• Doc: Add CLI examples for more device types by @ru-fu in #13152
• Storage: Rework volume volatile.uuid patch by @roosterfish in #13162
• Doc: add configuration examples for gpu devices by @ru-fu in #13163
• lxd: Improves efficiency of operation cancel with permission checker. by @markylaing in #13156
• scripts: Add bash completions for lxc auth by @MggMuggins in #13159
• Auth: Pre-check permissions when performing bulk state update. by @markylaing in #13155
• UI: Update X-Xss-Protection (deprecated) for Content-Security-Policy by @gabrielmougard in #13121
• Storage: Fix Btrfs local refresh by @roosterfish in #13133
• Implement xerrors.Unwrap for api.StatusError. by @markylaing in #13080
• lxd/device/nic: fix default IP for routed NIC (ipv4.host_address) by @simondeziel in #13170
• build(deps): bump github.com/mdlayher/ndp from 1.0.1 to 1.1.0 by @dependabot in #13171
• API: Enable gzip compression by @gabrielmougard in #13164
• lxc/file: Get owner mode only if --gid or --uid is unset - from Incus by @simondeziel in #13141
• Migration: Always clone the device config by @roosterfish in #13175
• Few improvements to bash completion by @simondeziel in #13169
• lxc: Check the image really exists on the remote before exporting it by @gabrielmougard in #13161
• doc/reference: reorder pages and update the landing page by @ru-fu in #13180
• doc/explanation: reorder pages and update the landing page by @ru-fu in #13182
• Storage: Recover BTRFS pools source to block device UUID to align with creation process by @roosterfish in #13184
• Patch: Fix patches that incorrectly depend on cluster member being leader by @roosterfish in #13189
• Container: Do not set "soft" limit when hard limit is set for cgroupv2 by @mihalicyn in #13192
• doc/howto: reorder pages and update the landing pages by @ru-fu in #13188
• doc: workaround for undefined references by @ru-fu in #13196
• VM: Fix handling of > 64 limits.cpu by @tomponline in #13195
• lxd/api: Revert gzip compression on API by @tomponline in #13202
• lxd/api_internal.go: remove impossible conditions by @hamistao in #13206
• Storage: Remove unused parameters by @hamistao in #13205
• lxd: Update instance types URL by @tomponline in #13208
• build(deps): bump github.com/openfga/openfga from 1.5.0 to 1.5.1 by @dependabot in #13209
• Storage: Use reverter for Ceph RBD volume refresh by @roosterfish in #13198
• Move IPRanges parsing by @MggMuggins in #13213
• Grafana fixes by @simondeziel in #13212
• actions: add notification for doc PRs by @ru-fu in #13201
• doc: remove nesting for the tutorial by @ru-fu in #13216
• actions: fix notification for doc PRs by @ru-fu in #13221
• LXC: Implement profile expansion on lxc copy by @hamistao in #13118
• API: Add list all volumes endpoint by @hamistao in #13036
• gitignore: Ignore all pycache under doc/ by @MggMuggins in #13232
• Ensure uid, gid, and mode are valid during parsing by @MggMuggins in #13230
• Cleanup for the automatically generated config options by @ru-fu in #13229
• Storage: Use progress tracker for Btrfs migration by @roosterfish in #13233
• gitignore: Ignore all .bak by @MggMuggins in #13237
• Metrics: Differentiate between restricted and unrestricted certificates by @roosterfish in #13214
• Refactor file header parsing by @MggMuggins in #13231
• Allow setting file permissions via API and lxd file push --mode by @MggMuggins in #13193
• build(deps): bump actions/checkout from 3 to 4 by @dependabot in #13242
• Check lxd-agent imports by @simondeziel in #13219
• VM: Use auto-converge for all live migrations (from Incus) by @tomponline in #13246
• gomod: Update dependencies by @tomponline in #13245
• lxc: Add images remote for images.lxd.canonical.com by @tomponline in #13247
• Metrics: Do not expose the stopped instance metrics anymore by @gabrielmougard in #13222
• lxc: Make lxc init and lxd launch manpages more consistent by @MggMuggins in #13250
• DB: Remove ErrAlreadyDefined sentinel error. by @markylaing in #13252
• test: Tweak to be able to run tests locally by @tomponline in #13253
• Introduce requirements.nesting for images (from Incus) by @MusicDin in #13249
• Auth: Generate entitlement definitions by @markylaing in #13256
• Bash completion additions by @simondeziel in #13260
• Instance and storage volume name validation improvements by @tomponline in #13261
• Instance: Add container finit_module() syscall interception support by @mihalicyn in #13151
• VM: Instance's CPU auto rebalancing/pinning by @mihalicyn in #13257
• Storage: Improve volume name validation in CreateCustomVolumeFromBackup by @tomponline in #13263
• test/lint/godeps: rework dependency checking by @simondeziel in #13266
• Enable renovate bot by @simondeziel in #13267
• build(deps): bump golang.org/x/crypto from 0.21.0 to 0.22.0 by @dependabot in https://github.com/can...

LXD 5.21.1

Announcement

https://discourse.ubuntu.com/t/lxd-5-21-1-lts-has-been-released/43823

What's Changed

Full Changelog: lxd-5.21.0...lxd-5.21.1

LXD 5.21.0

Announcement

https://discourse.ubuntu.com/t/lxd-5-21-0-lts-has-been-released/42476

What's Changed

• github: add Canonical CLA check by @simondeziel in #12665
• doc: clarify some wording around the license by @ru-fu in #12673
• doc/backup: improve linking between pages and mention --refresh by @ru-fu in #12697
• doc: small doc fixes by @ru-fu in #12676
• doc/security: include info on privileged/unprivileged containers by @ru-fu in #12695
• build(deps): bump golang.org/x/crypto from 0.16.0 to 0.17.0 by @dependabot in #12690
• build(deps): bump golang.org/x/crypto from 0.15.0 to 0.17.0 in /test/mini-oidc by @dependabot in #12689
• build(deps): bump actions/upload-artifact from 3 to 4 by @dependabot in #12683
• Clarify restricted.containers.privilege config option by @roosterfish in #12604
• doc: add sudo to set lxd ui.enable=true by @ggouzi in #12707
• Refer to licenses using their proper SPDX identifiers by @simondeziel in #12677
• Clarify optimized volume refresh by @roosterfish in #12720
• License Go SDK client as Apache-2.0 by @tomponline in #12731
• GitHub push event base ref by @markylaing in #12709
• lxc/move: Only use server-side move when dealing with a single server by @MusicDin in #12675
• lxd/instance/qemu: Start using seabios as CSM firmware by @mihalicyn in #12736
• Prevent live migration of instances with custom volumes by @MusicDin in #12733
• shared/idmap: handle "both" idmappings in raw.idmap properly by @mihalicyn in #12718
• test: Add exec exit code test by @MusicDin in #12714
• Task: Remove unnecessary calls to defer g.mu.Unlock() by @tomponline in #12710
• Allow configuring OVN SSL settings through server configuration by @simondeziel in #12638
• Use rsync flags consistently for local and remote copy by @roosterfish in #12715
• Stop dead client connection from blocking instance snapshot / remove by @gabrielmougard in #12702
• Tighten up QEMU Apparmor profile by @simondeziel in #12687
• lxd: Add support for apparmor unconfined profile mode by @alexmurray in #12713
• Remove deprecated instance config option limits.network.priority by @MusicDin in #12735
• doc: decode the objects.inv file by @ru-fu in #12701
• Fix typos in code comments and make it clear that zfs.blocksize is in bytes by @simondeziel in #12671
• doc/projects: clarify restricted.devices.disk by @ru-fu in #12613
• Make it clear that CCW devices (s390x) don't have device bus nor bus address by @simondeziel in #12669
• Use cloud-init to enable lxd-agent on Ubuntu releases before 20.04 by @simondeziel in #12680
• Removes AGPL imports from shared package by @tomponline in #12740
• lxd/init: Add support for storage volumes in preseed init by @megheaiulian in #12426
• doc: Add paragraph on how to delete images by @ggouzi in #12711
• Makefile: stop pinning openfga/go-sdk by @simondeziel in #12688
• test/lint: Always fetch the target branch if it cannot be found. by @markylaing in #12741
• Add metrics for stopped instances by @simondeziel in #12639
• doc/api-extensions: security.devlxd applies to both containers and VMs by @simondeziel in #12747
• Apply the snapshots.pattern option for manual custom volume snapshot by @gabrielmougard in #12717
• lxdmetadata: support for multiple entities comments by @gabrielmougard in #12642
• feat: annotate codebase for storage config options by @gabrielmougard in #12645
• Remove images: remote by @MusicDin in #12748
• Indicate supported instance types when querying /1.0 by @MusicDin in #12662
• README: provide links to some recommended managements tools for LXD by @simondeziel in #12749
• Ceph RBD: Restore the filesystems UUID on the volume by @roosterfish in #12745
• Force SeaBIOS instead of OVMF-based firmware & some firmware lookup logic changes by @mihalicyn in #12750
• Show mounted status of disks and partitions by @masnax in #12537
• doc: enable multiprocessing for pyspelling by @ru-fu in #12751
• Improve test/lint/golangci script by @simondeziel in #12753
• doc: use all processors for spelling check by @ru-fu in #12757
• build(deps): bump actions/dependency-review-action from 3 to 4 by @dependabot in #12758
• test/lint: Treat GITHUB_BEFORE as a revision. by @markylaing in #12759
• Scrape interval by @ru-fu in #12763
• Replace deprecated HasExtension checks by @MusicDin in #12764
• shared: Add helper for obtaining a CertInfo struct by @masnax in #12767
• OIDC fixes (without encryption) by @markylaing in #12766
• lxc/cluster: update restore help text for --force by @simondeziel in #12772
• Doc improvements (config option index and build speedup) by @ru-fu in #12770
• github: Pin MinIO to the version before ServiceV2 API by @roosterfish in #12782
• lxdmetadata: connect a substitution database by @gabrielmougard in #12776
• Restore the VM's filesystem volume on LVM and Ceph RBD by @roosterfish in #12777
• github: Pin microceph to quincy edge by @tomponline in #12786
• Indicate LTS version in lxc version by @MusicDin in #12785
• github: exempts Apache-2.0 contributions from CLA signing by @simondeziel in #12790
• Fix in-cluster storage volume refreshes by @roosterfish in #12778
• Makefile: Removes unnecessary pins of go deps by @tomponline in #12794
• Golangci whole files by @markylaing in #12791
• doc/installing: 5.0 is the last LTS release shipping lxd.migrate by @simondeziel in #12783
• github: check DCO last as it fails on big PRs by @simondeziel in #12796
• golangci: Remove/update some overly-pedantic revive lint rules. by @markylaing in #12797
• Advertise snap sources by @simondeziel in #12798
• Ceph RBD: Regenerate the FS UUID for filesystem volumes only by @roosterfish in #12805
• github: consistently use set -eux in all script snippets by @simondeziel in #12793
• Revert database on joining node if cluster join fails by @masnax in #12811
• Document that the certificate field is base64 on POST /1.0/certificates by @markylaing in #12812
• doc: update minimum and recommended requirements by @simondeziel in #12819
• Encrypt OIDC cookies by @markylaing in #12628
• Convert the certificates table into an identities table. by @markylaing in #12807
• simplestreams: Fix regression when parsing indexes that contain both combined and non-combined variants by @tomponline in #12829
• doc: additional options recommended for running Docker by @ru-fu in #12833
• Remove Candid authentication and RBAC authorization by @markylaing in #12830
• github: update CI to run most tests with Go 1.21 with build/compat test with 1.20 by @simondeziel in #12822
• Add patch to remove block.* settings from LVM and Ceph RBD block volumes by @roosterfish in #12813
• Instance: fix linting issues in the instance drivers by @gabrielmougard in #12841
• lxd: Remove RBAC and Candid config keys (patch). by @markylaing in https://github.com/canonical/lxd/pull...

LXD 5.0.3

Announcement

https://discourse.ubuntu.com/t/lxd-5-0-3-has-been-released/42074

What's Changed

Full Changelog: lxd-5.0.2...lxd-5.0.3

LXD 5.20

Announcement

https://discourse.ubuntu.com/t/lxd-5-20-has-been-released/40865

What's Changed

• lxd: Initialise server name and global config before storage patches are run by @tomponline in #12421
• Use HTTP status codes constants instead of literal numerics by @simondeziel in #12424
• lxd/firewall: Fix nftables ACL template by @rafalborczuch in #12423
• lxd/patches: Add cluster check for patches fixing volumes by @monstermunchkin in #12430
• doc: update link to tool downloads by @ru-fu in #12427
• lxd: Update certificate cache again after cluster join. by @markylaing in #12428
• Fix missing etag when retrieving storage pool by @MusicDin in #12432
• Add staticcheck target by @simondeziel in #12422
• doc: add a note about go-lxc build issue when LXC_DEVEL=1 by @mihalicyn in #12420
• Doc updates 5.19 by @ru-fu in #12435
• Doc: remove undesired content by @ru-fu in #12440
• lxd/instance/drivers: Check running status with InitPID for cgroups by @monstermunchkin in #12441
• shared/cliconfig: Nicer error on missing socket by @gabrielmougard in #12439
• Exec: Log error from io.Copy by @tomponline in #12443
• Ensure the remote connection using simplestreams is valid before adding it by @gabrielmougard in #12442
• Revert "Ensure the remote connection using simplestreams is valid before adding it" by @tomponline in #12446
• Candid + RBAC test suite by @markylaing in #12436
• doc: temporarily ignore MAAS links by @ru-fu in #12448
• loki: enable TLS verification if a CA cert is provided by @simondeziel in #12402
• Authentication method constants by @markylaing in #12450
• Require destination name when copying an instance on the same server by @MusicDin in #12447
• test/suites: Unsets RBAC configuration after test. by @markylaing in #12453
• Drop GetTLSConfig() unused args by @simondeziel in #12452
• lxd/instance/driver/qemu: replace sha1 by sha256 in blockNodeName() by @simondeziel in #12454
• Refactors projectParam for use outside of lxd directory by @markylaing in #12451
• lxd: Exec wrapper improvements by @tomponline in #12456
• Authorization refactor in preparation for fine-grained authorization by @markylaing in #12313
• lxd/cluster/config: Add missing bool default values by @MusicDin in #12460
• Support server side copy/move of custom storage volumes in clusters by @monstermunchkin in #12386
• doc/networking/firewall: add more restrictive UFW rules by @ru-fu in #12266
• readme: reference Ubuntu's LXD security page by @eslerm in #12444
• lxd/storage_volumes: Fix calls to QueryParam by @monstermunchkin in #12462
• gomod: Switch UUID package by @roosterfish in #12471
• lxd/patches: Ensure renaming is only done on cluster leader by @monstermunchkin in #12467
• test/suites: Fixes wait_no_operations helper. by @markylaing in #12464
• OpenFGA authorization driver by @markylaing in #12252
• lxc/network forward: Fix typo port to ports. by @VergeDX in #12479
• doc: add page title for related links by @ru-fu in #12480
• Fix idmapped mount layer on intercepted mounts by @mihalicyn in #12484
• config: Ensure config key values are reset to their default by @monstermunchkin in #12483
• instance/lxc: Fix swap limit handling by @gabrielmougard in #12466
• test/deps: switch to ecdsa certificate by @simondeziel in #12472
• doc: small fixes OpenFGA docs by @ru-fu in #12485
• zfs: Support zfs pools containing '/' in the patch by @monstermunchkin in #12469
• Test metrics cert by @simondeziel in #12486
• metrics: Fix label merging in metric sets by @monstermunchkin in #12474
• lxd/device/proxy: Consider routed NIC IPs for wildcard target check by @tomponline in #12502
• lxd/network/driver/bridge: Improve comments for accept_ra by @tomponline in #12501
• Go: Bump minimum version to 1.20 by @tomponline in #12506
• test/lint: Removes openfga model linter. by @markylaing in #12509
• Always use -- with exec delimiter by @simondeziel in #12455
• Add NVME disk support by @simondeziel in #12500
• Fix load balancer port typo by @MusicDin in #12508
• Restrict user.* keys by @monstermunchkin in #12487
• Go 1.20 followup by @simondeziel in #12512
• lxc/delete: Include instance name in error message by @monstermunchkin in #12499
• Adds tests for OIDC by @markylaing in #12490
• shared/network: Only skip TLS verification if no remote certificate is available by @simondeziel in #12457
• lxc: Use volume copy when moving to target project by @roosterfish in #12521
• Trust ca certs by @markylaing in #12513
• lxd/instance/exec: Only use keepalives on TCP sockets by @cjwatson in #12530
• btrfs: Handle pools whose source is a subvolume outside of the pool mount path by @monstermunchkin in #12498
• client: Use io.Writer for Stdout/Stderr in InstanceExecArgs by @monstermunchkin in #12495
• Import from incus by @simondeziel in #12532
• config: Fix acme.ca_url short description by @monstermunchkin in #12535
• lxd/instance/drivers/driver_qemu: force 4MB UEFI firmware in snap by @mihalicyn in #12515
• Read system certs directly from /etc/ssl by @masnax in #12541
• lxd/instance/drivers/driver_qemu: use OVMF_CODE.fd in a non-snap envi… by @mihalicyn in #12543
• lxd/instance/drivers/driver_qemu: add the boot.debug_edk2 option by @mihalicyn in #12522
• Add LXD server UUID file by @roosterfish in #12544
• doc/installing: LXC_DEVEL needs to be fixed on 22.04+ by @simondeziel in #12549
• Exec cleanup improvements by @tomponline in #12542
• Rename ring buffer to com.canonical.lxd by @MusicDin in #12548
• Few small changes to lxd-agent-setup script by @simondeziel in #12552
• github: instruct dependabot to also look after the stable-5.0 branch by @simondeziel in #12553
• Respect storage pool configuration when moving instance between projects by @MusicDin in #12412
• github: instruct dependabot to also look after the stable-4.0 branch by @simondeziel in #12556
• github: dependabot knows which branch to target by @simondeziel in #12561
• VM: Support bootorder in edk2 CSM mode by @mihalicyn in #12564
• Set specific root drive config only for Ceph backends by @roosterfish in #12569
• Use stable random generator for temporary instance name by @roosterfish in #12568
• Optionally create entities for cephfs storage pool by @masnax in #12538
• Use default VM block filesystem size from driver by @roosterfish in #12566
• Update iso import in instances_create by @MusicDin in #12572
• Improved filtering from Incus by @simondeziel in #12570
• doc/howto: Make pool name consistent in iso tutorial. by @markylaing in #12574
• Revert to filepath traversal if subvolume list fails by @markylaing in #12565
• doc/instances: change pool name to be consistent by @ru-fu in #12576
  ...

LXD 5.19

Announcement

https://discourse.ubuntu.com/t/lxd-5-19-has-been-released/39590

What's Changed

• patches: Don't fail if no storage pools were found by @monstermunchkin in #12289
• simplestreams: Fix regression in lxd_combined.tar.gz handling by @tomponline in #12294
• loki: Sort context keys alphabetically by @monstermunchkin in #12296
• client: check API extension for instances_rebuild by @gabrielmougard in #12298
• Small Loki fixes by @monstermunchkin in #12300
• doc: add link to Windows VM tutorial by @ru-fu in #12302
• doc: align with current doc starter pack by @ru-fu in #12275
• lxd/main_init: use GiB instead of GB for storage-create-loop by @simondeziel in #12307
• doc: include the cheat sheet again by @ru-fu in #12303
• Add name and project to lifecycle events and loki by @monstermunchkin in #12301
• loki: Add hostname as instance label value by @monstermunchkin in #12305
• Add support for network device limits.priority option by @mihalicyn in #12135
• lxd/device/nic_ovn: Prevent setting static IPv6 if static IPv4 is not set by @MusicDin in #12311
• makefile: use venv pip and not global pip by @gabrielmougard in #12314
• Doc: fix for topical navigation by @ru-fu in #12288
• Instance volume configuration through disk device by @MusicDin in #12089
• Enforce security.shifted and security.unmapped to be mutually exclusive. by @markylaing in #12316
• doc: document the project config options by @gabrielmougard in #12251
• github: add differential shellcheck to get in-PR feedback by @simondeziel in #12323
• doc: fix swagger display by @ru-fu in #12321
• Use generic helper functions by @monstermunchkin in #12320
• firewall: fix nftables hostVersion() description by @mihalicyn in #12328
• github: only try to upload differential shellcheck result if it ran by @simondeziel in #12324
• Allows usage of remote: with lxc network list-allocations and fixes project usage. by @markylaing in #12331
• patches: Remove invalid block settings from existing volumes by @monstermunchkin in #12330
• README: Update test status badge so it accurately shows status of tests.yml workflow by @tomponline in #12332
• README: remove CII Best Practices badge link by @simondeziel in #12336
• Fix info --resources for wwan devices by @skatsaounis in #12281
• patches: Check server name when unsetting invalid block settings by @monstermunchkin in #12340
• client/lxd/images: Propagate error (if any) when streaming split tarballs by @montag451 in #12341
• tests: Don't use lxdbr0 in network tests by @tomponline in #12346
• doc/devices_nic: add missing column to limits.priority description by @simondeziel in #12350
• github: look for branch target name in PR title by @simondeziel in #12351
• lxc: Handle volume rename in lxc storage volume move command by @monstermunchkin in #12348
• lxd: Fully configure new node from cluster config after it is added. by @markylaing in #12347
• lxd/patches: Fix patchStorageRenameCustomISOBlockVolumes when no storage pools exist by @tomponline in #12352
• lxc/storage: Initialise writable storage pool config map if nil. by @markylaing in #12353
• github: sign commits (with SSH key) to repo on git.launchpad.net by @simondeziel in #12342
• build(deps): bump redhat-plumbers-in-action/differential-shellcheck from 4 to 5 by @dependabot in #12355
• github: Skip edge snap build for pushes on branches from dependabot by @tomponline in #12357
• client: Remove project from format string API path. by @markylaing in #12359
• client: Pass a flag into queryOperation to skip event listener setup if not required. by @markylaing in #12349
• github: build static lxc and lxd-migrate bins for arm64 by @simondeziel in #12364
• scripts/bash: add missing lxc config trust subcommands by @simondeziel in #12363
• Move certificate cache into new package by @markylaing in #12367
• github: build static lxc and lxd-migrate bins for arm64 by @simondeziel in #12375
• lxd-agent: Adds an operation wait endpoint to fix VM exec operations by @markylaing in #12372
• build(deps): bump golang.org/x/net from 0.15.0 to 0.17.0 by @dependabot in #12376
• lxd: Properly forward rebuild requests by @gabrielmougard in #12373
• doc/support: clarify information about LTS releases and timing by @ru-fu in #12371
• Fix duplicate used by entry in storage pool by @MusicDin in #12366
• Doc: fixes to projects documentation by @ru-fu in #12369
• Doc: add information about managing the snap by @ru-fu in #12365
• lxd/resources: if SCSI_IDENT_SERIAL is available, use it as serial nr before ID_SERIAL_SHORT by @gabrielmougard in #12377
• Fix .md docs by @simondeziel in #12378
• Improve ceph test reliability by @simondeziel in #12384
• github: tune ext4 for speed and reclaim some space by @simondeziel in #12385
• Add lxd-user test by @MusicDin in #12379
• doc: remove lxd.{ogg,wav} now that mp3 support is ubiquitous by @simondeziel in #12383
• Operation wait extension by @markylaing in #12380
• Return error from locking.Lock by @roosterfish in #12382
• Fix interactive exec hangs when background processes still running by @tomponline in #12381
• Update translations from weblate and go mod for LXD 5.19 by @tomponline in #12389
• patches: Fix patch regarding unsetting zfs block settings by @monstermunchkin in #12390
• client: Unset response header timeout when waiting for operations. by @markylaing in #12394
• internal/server/seccomp: Fix clang build by @monstermunchkin in #12393
• shared/osarch: Add loongarch64 by @monstermunchkin in #12392
• Respect instance-only flag when generating backup.yaml by @MusicDin in #12395
• github: use ppa:ubuntu-lxc/daily instead of ppa:ubuntu-lxc/lxc-git-master by @mihalicyn in #12396
• lxd-agent: Fixes vsock listener restart on boot due to vsock module not being fully initialised by @tomponline in #12404
• lxd: Remove use of ioutil by @simondeziel in #12400
• lxd-agent: Fixes intermittent exec EOF closure when vsock listener is restarted just after boot by @tomponline in #12405
• shared/api/url: Fix double path encoding issue by @tomponline in #12407
• network: Don't consider an IP parse failure of a proxy listen address an error by @tomponline in #12411
• Fix/multiple ephemeral delete by @gabrielmougard in #12403
• Fix volume rename if cluster desination target is set by @roosterfish in #12410
• github: Run push actions on main and release branches only by @roosterfish in #12415
• test/remote: switch to cloud-images.ubuntu.com URLs by @simondeziel in #12413

New Contributors

• @skatsaounis made their first contribution in #12281

Full Changelog: lxd-5.18...lxd-5.19