·
7 commits
to main
since this release
lxd-6.2
tomponline
Tom Parrott
This tag was signed with the committer’s verified signature.
tomponline
Tom Parrott
01c912b
This commit was signed with the committer’s verified signature.
tomponline
Tom Parrott
Announcement
https://discourse.ubuntu.com/t/lxd-6-2-has-been-released/49889
What's Changed
- build(deps): bump github.com/dell/goscaleio from 1.14.1 to 1.15.0 by @dependabot in #13717
- build(deps): bump github.com/osrg/gobgp/v3 from 3.27.0 to 3.28.0 by @dependabot in #13718
- Update first_steps.md by @ancollins24 in #13725
- test/main: don't check for xgettext command by @simondeziel in #13726
- Update short description for the OIDC groups claim by @markylaing in #13727
- lxd/instance/exec: Only use keepalives on TCP sockets by @tomponline in #13731
- build(deps): bump google.golang.org/grpc from 1.64.0 to 1.64.1 by @dependabot in #13735
- Extract certificate add token metadata from remote member by @markylaing in #13733
- Prevent custom block volume sharing by @hamistao in #13183
- Test certificate add token remote operation by @markylaing in #13740
- test: replace many
grep -Fxby shell comparison by @simondeziel in #13744 - test: use
my_curl()helper where applicable by @simondeziel in #13747 - lxd: Improve certificate add token validation by @tomponline in #13749
- test/suites/backup: cleanup by @simondeziel in #13745
- fix(deps): update module github.com/zitadel/oidc/v3 to v3.26.0 by @renovate in #13761
- build(deps): bump github.com/go-jose/go-jose/v4 from 4.0.2 to 4.0.3 by @dependabot in #13762
- fix(deps): update k8s.io/utils digest to 18e509b by @renovate in #13758
- VM: External QEMU snap support by @mihalicyn in #13742
- Try to extract version creation/upload time for simplestream images by @MusicDin in #13767
- Removes CODEOWNERS file by @tomponline in #13771
- Fix devlxd image export by @markylaing in #13730
- Instance: Allow nosymfollow mount flag for container apparmor profile by @mihalicyn in #13681
- Device: Fix crash when
nonetype device is added to running instance by @tomponline in #13775 - Ensure supported drivers are always in the same order by @MusicDin in #13778
- Hint shellcheck that bash is used for all test scripts by @simondeziel in #13776
- doc/authentication: clean up PKI instructions by @ru-fu in #13772
- Allow instance import from QCoW2 and VMDK format by @MusicDin in #13385
- lxd/apparmor: allow userns for security.nesting=true case by @mihalicyn in #13779
- lxd: Standardise on "err" field in contextual logging for error by @tomponline in #13781
- fix typo in index.md by @s-makin in #13784
- Improve ioctl handling (from Incus) by @tomponline in #13783
- Make migration sink arguments private by @MusicDin in #13598
- doc/contributing: add section on how-tos by @ru-fu in #13785
- Lower qemu-img convert priority during conversion instead of limiting cpu time by @MusicDin in #13787
- lxd: Update logic for project config patch by @boltmark in #13786
- fix(deps): update module github.com/pkg/xattr to v0.4.10 by @renovate in #13792
- fix(deps): update module github.com/minio/minio-go/v7 to v7.0.74 by @renovate in #13789
- fix(deps): update golang.org/x/exp digest to 8a7402a by @renovate in #13788
- Openfga dependency update by @hamistao in #13780
- Update metrics.md to remove symlink trailing slash by @JohnHammell in #13790
- VM: Use virtiofsd chroot sandbox mode on pre pidfd_open kernels by @tomponline in #13794
- doc/projects: fix documentation for PATCH request by @ru-fu in #13803
- Add entitlements to metadata by @markylaing in #13728
- Doc: Add more details on Dell PowerFlex pool creation by @roosterfish in #13795
- doc/storage: change examples to sections instead of tabs by @ru-fu in #13805
- lxd-migrate: Fix path provided to the raw disk check by @MusicDin in #13816
- Storage: Don't fail on setting dir project quota if file is removed during root fs walk by @tomponline in #13815
- lxd: Add support for starting instances on creation (from Incus) by @boltmark in #13695
- Container: Allow apparmor nosymfollow mount flag in more cases by @mihalicyn in #13820
- Specify subject name when generating keypair by @masnax in #13817
- Doc: Additional examples for cluster storage pools using remote drivers by @roosterfish in #13819
- Container: fix all apparmor ro+remount rules by @mihalicyn in #13826
- Extend conversion API with option to inject virtio drivers by @MusicDin in #13748
- Auth: Add project query parameter to URLs in authorizer by @markylaing in #13317
- doc: Use consistent naming for remote pool creation examples by @roosterfish in #13827
- fix(deps): update module github.com/go-jose/go-jose/v4 to v4.0.4 by @renovate in #13832
- fix(deps): update github.com/openfga/api/proto digest to 7e5be7b by @renovate in #13831
- Auth: Add storage volume and bucket location to URL in access check by @markylaing in #13517
- doc: Update rhsrvany link and fix code blocks by @MusicDin in #13833
- VM: Add support for extended attributes for virtiofs shares by @Ardelean-Calin in #13830
- lxd/seccomp: fix bpf syscall number for arm64 by @mihalicyn in #13841
- lxd/include: update bpf header files by @mihalicyn in #13842
- Live migration with attached storage volumes (from Incus) by @markylaing in #13823
- Add
security.protection.startto optionally prevent instance start up by @qianzhangxa in #13824 - Device: Use -o flag for xattr mode of virtiofsd for
diskdevice by @tomponline in #13845 - lxd: Ensure file is created when receiving raw image by @MusicDin in #13847
- VM: Don't fail event sending on missing agent (from Incus) by @boltmark in #13856
- Instance: Fix deadlock during failed snapshot creation by @MggMuggins in #13821
- lxd/zfs: Always try to wait for device path to appear (from Incus) by @MusicDin in #13861
- gomod: Update dependencies by @tomponline in #13858
- Entity type refactor (simplified) by @markylaing in #13846
- lxd/firewall/drivers: Fix netprio error message by @MggMuggins in #13864
- lxd: Add tracker for qemu-img progress (from Incus) by @MusicDin in #13848
- fix(deps): update module golang.org/x/sync to v0.8.0 by @renovate in #13867
- fix(deps): update module golang.org/x/oauth2 to v0.22.0 by @renovate in #13866
- lxc: Add support for creating profile from yaml (from Incus) by @gabrielmougard in #13849
- lxd: Prevent conversion from OVA file format by @MusicDin in #13877
- build(deps): bump golang.org/x/sys from 0.22.0 to 0.23.0 by @dependabot in #13871
- Image export over devlxd for virtual machines by @markylaing in #13878
- lxd-migrate: Properly handle projects (from Incus) by @MusicDin in #13880
- Adds an API extension for image export over devlxd in VMs by @markylaing in #13882
- github: Replacing @ru-fu for doc triage by @mionaalex in #13881
- doc: Update architectures documentation (from Incus) by @kadinsayani in #13851
- doc/tutorial: add a UI tutorial by @ru-fu in #13876
- github: Disable renovate by @tomponline in #13884
- doc: unpin Swagger version by @ru-fu in #13888
- lxd/firewall: Fix iptablesClear on nft shim (from Incus) by @kadinsayani in #13889
- .github: Add Jira integration yaml by @masnax in #13895
- Migration: Show source errors first (from Incus) by @boltmark in #13894
- doc: add information about creating a Windows VM by @ru-fu in #13898
- Storage: Fix import of instance snapshots with underscores in their names by @tomponline in #13899
- doc/tutorial: improve the UI tutorial by @ru-fu in #13901
- VM usb nic passthrough (from Incus) by @MggMuggins in #13890
- lxd: Refresh the state on cluster put/join (from Incus) by @boltmark in #13906
- lxd/instance/file: Add type and size to HEAD (from Incus) by @kadinsayani in #13904
- build(deps): bump golang.org/x/text from 0.16.0 to 0.17.0 by @dependabot in #13909
- General doc cleanup by @ru-fu in #13908
- build(deps): bump golang.org/x/term from 0.22.0 to 0.23.0 by @dependabot in #13912
- build(deps): bump golang.org/x/crypto from 0.25.0 to 0.26.0 by @dependabot in #13910
- doc/pdf: make PDF build work on RTD by @ru-fu in #13925
- build(deps): bump golang.org/x/sys from 0.23.0 to 0.24.0 by @dependabot in #13911
- Openfga dependency update by @markylaing in #13926
- doc/images: specify the order of split images by @ru-fu in #13935
- lxd/cluster: Ensure the cluster member config is always sorted (From Incus) by @MggMuggins in #13938
- lxd: Add virtio-blk support for virtual machines (from Incus) by @kadinsayani in #13905
- lxd/networks: Don't fill network config when joining cluster (from Incus) by @hamistao in #13931
- lxd/firewall/drivers: Make sure to always use locking (from Incus) by @hamistao in #13933
- shared: Fix comment typo (from Incus) by @hamistao in #13932
- Instance: For remote shared storage, make allow cluster self healing and migration from offline source member by @heat1024 in #13934
- Run verbose unit tests by @hamistao in #13937
- build(deps): bump github.com/zitadel/oidc/v3 from 3.26.0 to 3.27.0 by @dependabot in #13942
- build(deps): bump github.com/minio/minio-go/v7 from 7.0.74 to 7.0.75 by @dependabot in #13941
- VM: Improve QEMU passthrough device ID generation by @hamistao in #13928
- build(deps): bump github.com/miekg/dns from 1.1.61 to 1.1.62 by @dependabot in #13940
- Don't fail when notifying a server that is shutting down when using NotifyAlive by @MggMuggins in #13883
- doc/tutorial: integrate feedback for UI tutorial by @ru-fu in #13950
- gomod: Update dependencies by @tomponline in #13948
- doc/instances: add anchor to allow linking to section by @ru-fu in #13956
- shared: Allow adding multiple names to certificate SAN by @masnax in #13960
- Patches: Fix patch system so that it respects the patch stages by @tomponline in #13957
- lxc: Add support for creating bucket key from yaml (from Incus) by @gabrielmougard in #13923
- Cluster: Enforce member name cannot be
noneby @roosterfish in #13963 - lxc: Add support for creating project from yaml (from Incus) by @gabrielmougard in #13907
- Fix console show log by @MggMuggins in #13968
- lxd: Provide state for physical managed networks by @boltmark in #13965
- Network: Switch to long-lived OVN ports by @tomponline in #13900
- build(deps): bump github.com/zitadel/oidc/v3 from 3.27.0 to 3.28.2 by @dependabot in #13981
- build(deps): bump github.com/minio/minio-go/v7 from 7.0.75 to 7.0.76 by @dependabot in #13978
- storage: Conserve LV state (from Incus) by @MggMuggins in #13986
- lxd: Disable networks during evacuation (from Incus) by @MggMuggins in #13985
- build(deps): bump github.com/vishvananda/netlink from 1.2.1-beta.2 to 1.3.0 by @dependabot in #13980
- Effective project handling by @markylaing in #13886
- shared/cmd: Allow a cmd asker to be created with a logger instance by @gabrielmougard in #13859
- Add methods to instantiate a
StatusErrorwithout formatting by @markylaing in #13987 - Storage: Don't use d.state.ShutdownCtx in ZFS GetVolumeDiskPath by @tomponline in #13988
- lxd/certificates: Add input validation for certificate names by @kadinsayani in #13902
- doc/reference: Add warning about volatile keys by @markylaing in #13990
- Add guest OS compatibility matrix by @simondeziel in #13989
- Device: Remove unused IsBlockdev() by @simondeziel in #13992
- lxd/recover: Add snapshot expiry when recovering instance snapshots by @kadinsayani in #13972
- gpu: Support GPU passthrough to LXD containers using Container Device Interface (CDI) by @gabrielmougard in #13562
- shared: Fix conversion source disk size JSON and YAML key name by @MusicDin in #13996
- AppArmor: Allow procfs for unprivileged containers by @mihalicyn in #13997
- AppArmor: Allow signals receiving by @mihalicyn in #13998
- Device: Disable NVIDIA CDI for
armhfplatforms by @gabrielmougard in #14000 - lxc/network_load_balancer: add Example to create (from Incus) by @gabrielmougard in #13984
- lxd/device/cdi: add no-op
defaultNvidiaTegraCSVFilesforarmhfbuild by @gabrielmougard in #14004 - storage: Handle unsupported response from drivers (from Incus) by @MggMuggins in #14007
- lxc/storage_bucket: Add example for storage bucket create (from Incus) by @gabrielmougard in #13982
- lxc/network_zone: Add example for create command (from Incus) by @gabrielmougard in #13983
- doc/guest-os-compatibility: add SUSE 12 and 15 by @simondeziel in #14005
- AppArmor: Allow sysfs for unprivileged containers by @mihalicyn in #14010
- Migration: Forward migration errors (from Incus) by @boltmark in #13966
- Add Ubuntu to guest OS compat by @simondeziel in #14014
- Makefile: Pin github.com/dell/[email protected] by @tomponline in #14018
- lxd/storage: Create a volume snapshot with a
Descriptionby @gabrielmougard in #14016 - test/lint/godeps: don't abort on first error by @simondeziel in #14020
- Storage: Fix unnecessary dir project quota updates (from Incus) by @hamistao in #14019
- Improve on doc on how to manually setup the LXD agent by @simondeziel in #14023
- build(deps): bump github.com/go-acme/lego/v4 from 4.17.4 to 4.18.0 by @dependabot in #14027
- Device: Forbid CDI GPU hotplugging by @gabrielmougard in #14031
- lxc: allow creation of various resources from YAML (from Incus) by @gabrielmougard in #13995
- test/main: don't use any HTTP(S) proxy with localhost by @simondeziel in #14036
- Make lxd-agent install script compatible with SUSE by @simondeziel in #14003
- test: fix ceph storage tests by @gabrielmougard in #14037
- Tiny misc fixes to tests by @simondeziel in #14038
- lxd/project: Allow managed volumes under "allow" (from Incus) by @MggMuggins in #14022
- lxd/instances: Don't bypass instance limit check (from Incus) by @MggMuggins in #14021
- Cluster recovery improvements by @MggMuggins in #13754
- VM: Rework firmware detection (from Incus) by @tomponline in #14032
- Entity: Rename TypeNode to TypeClusterMember by @hamistao in #14040
- Use
errors.New()where appropriate by @simondeziel in #14024 - Project: Add
lxd/project/limitsand fix PowerFlex instance size limits by @MggMuggins in #13994 - Test
LXD_INSECURE_TLSby @simondeziel in #14039 - Shared: Add HMAC and cert utils by @roosterfish in #13969
- lxc: Improved cli completions (from Incus) by @kadinsayani in #13959
- Use
errors.New()where appropriate by @simondeziel in #14045 - lxc/publish: clarify that public means accessible to unauth'ed clients by @simondeziel in #14013
- API: Add request metrics for disaster recovery by @hamistao in #13825
- Fix LXD agent to work on SELinux systems (from Incus) by @simondeziel in #14049
- doc: Add shell completions instructions to LXD installation docs by @kadinsayani in #14048
- api: Add
metrics_api_requestsextension. by @markylaing in #14052 - VM: Firmware detection fixes (from Incus) by @tomponline in #14050
- Completions: Fix completions for config keys by @kadinsayani in #14055
- Github: Align codesql and commits workflow with test workflows for concurrency and and "on" rules by @tomponline in #14060
- lxd/instance/drivers: Move removeDiskDevices to common by @MggMuggins in #14058
- Rework manual install instructions for LXD agent (from Incus) by @simondeziel in #14054
- Improve VM shutdown (from Incus) by @hamistao in #13875
- Rework permissions checks (from Incus) by @MggMuggins in #14062
- CI Profiling precursor changes by @tomponline in #14051
- doc/howto/network_bridge_firewalld: add IPv6 rules to Docker example by @simondeziel in #14079
- client: Fix error handling in push mode copy (from Incus) by @boltmark in #14076
- build(deps): bump golang.org/x/term from 0.23.0 to 0.24.0 by @dependabot in #14065
- Updated storage volume doc to remove any suspicion of action not working by @escabo in #14080
- doc/authentication: clarify what
{client|server}.caare by @simondeziel in #14057 - github: Only build coverage data on workflow_dispatch by @tomponline in #14081
- Trust: Reimplement HMAC's ParseHTTPHeader by @roosterfish in #14053
- Patches: Fix spelling error in instance snapshot deletion trigger name by @kadinsayani in #14043
- gomod: Update dependencies and bump min Go version to 1.22.6 by @tomponline in #14084
- Github: Tiobe TICS integration by @tomponline in #14082
- Per-pool project limits (from Incus) by @MggMuggins in #14078
- lxd/instance: Add support for armhf vm's on arm64 hosts by @kadinsayani in #14077
- github: Don't interrupt ongoing tests for different actions on same github.ref by @tomponline in #14087
- lxc: Create
oidctokensdir with 0750 by @simondeziel in #14088 - github: Move disable docker steps into own action by @tomponline in #14090
- build(deps): bump github.com/openfga/openfga from 1.5.9 to 1.6.0 by @dependabot in #14028
- lxd: Deduplicate logging for instance types update failure by @MggMuggins in #14092
- github: Run TICS workflow daily by @tomponline in #14093
- test: Container disconnection on
lxc execby @hamistao in #14086 - Github: Switch to TICS action by @tomponline in #14096
- Project: Don't fail creation on missing pools (from Incus) by @roosterfish in #14095
- Doc: Disable Dell link check due to possible rate limiting by @roosterfish in #14097
- Doc: Changes to the import of a Windows VM by @mseralessandri in #14074
- VM: Fix RecordOutput (from Incus) by @tomponline in #14102
- Refactor
fsmonitorpackage in preparation for Ubuntu Pro guest attachment by @markylaing in #14110 - Request: Fix request not counted warning by @hamistao in #14056
- fsmonitor: Test unix devices with both drivers by @markylaing in #14111
- lxd/image: Acquire image lock for uploaded images by @MggMuggins in #14100
- build(deps): bump github.com/openfga/openfga from 1.6.0 to 1.6.1 by @dependabot in #14109
- Fix pool limits metadata invocation by @MggMuggins in #14116
- Backup before cluster reconfigure by @MggMuggins in #14083
- doc/howto/container_gpu_passthrough_with_docker: use single line cmds by @simondeziel in #14114
- Minor tweak around container unix device tests by @simondeziel in #14112
- Add lxd-migrate flags for non-interactive usage by @MusicDin in #14041
- doc: Update command description for lxc import image by @kadinsayani in #14117
- lxd/init: Differentiate managed and unmanaged network by @MusicDin in #14119
- lxd: Check etag when updating storage bucket by @MusicDin in #14121
- Test: Check storage_buckets file integrity is preserved by @simondeziel in #14120
- lxd-migrate: Prevent invalid instance names by @MusicDin in #14122
- Doc: Clarify meaning of
restricted.networks.subnetsandipvX.routesfor OVN networks by @tomponline in #14123 - test/suites/tls_restrictions: don't check for broken pipe error by @simondeziel in #14128
- lxc: Fix exporting vm backups to stdout by @kadinsayani in #14129
- github: Enable tmpdir for TICS by @tomponline in #14131
- Use agent build tags when performing dependency check by @markylaing in #14127
- Storage: Return
growFileSystemerrors by @MggMuggins in #14130 - Remove type bound public access by @markylaing in #14091
- Ubuntu Pro auto-attachment of guests by @markylaing in #13953
- lxd-agent: Handle built-in vsock module (from Incus) by @kadinsayani in #14140
- lxd: Update copy op response body when source is snapshot by @boltmark in #14139
- build(deps): bump github.com/zitadel/oidc/v3 from 3.29.1 to 3.30.0 by @dependabot in #14142
- Disable tests that are failing because of
resize2fskernel bug by @markylaing in #14146 - test: Don't collapse dmesg in CI when there's a kernel call trace by @MggMuggins in #14150
- tests: Don't over-provision test volume (from Incus) by @MggMuggins in #14154
- lxd/storage: Check for direct I/O when converting image format by @MusicDin in #14153
- lxc: Fix bulk unfreeze (from Incus) by @kadinsayani in #14136
- lxc: Disallow launching aliased containers of instance type VM by @kadinsayani in #14137
- Add API types for configuration metadata by @markylaing in #14132
- Remove fanotify warning on ubuntu pro fsmonitor initialisation by @markylaing in #14156
- lxd/forknet: Handle wifi detach (from Incus) by @kadinsayani in #14163
- lxd/storage: Fix check for direct I/O write support by @simondeziel in #14157
- storage: Fix direct I/O write check by @MusicDin in #14164
- Revert "lxc/init: Add error handling for launching container when image is of type VM" by @kadinsayani in #14167
- lxd/ubuntupro: Return host guest attachment setting if instance setting is unset by @markylaing in #14172
- Add trailing
/toubuntu:andubuntu-daily:remotes to avoid redirects by @simondeziel in #14169 - Trivy vulnerability scanning by @hamistao in #14145
- lxc: Add completions for server keys and console by @kadinsayani in #14115
- Fix cloud-init instance key typos by @holmanb in #14168
- Use
strings.Cut()where appropriate. by @simondeziel in #14170 - build(deps): bump github.com/minio/minio-go/v7 from 7.0.76 to 7.0.77 by @dependabot in #14181
- build(deps): bump github.com/NVIDIA/nvidia-container-toolkit from 1.16.1 to 1.16.2 by @dependabot in #14180
- Add support for binfmt misc namespace (from Incus) by @kadinsayani in #14148
- Auth: Redefine identity certificate entity types to prevent overlap by @markylaing in #14173
- Add change detection to
make i18nfor easier commit by @simondeziel in #14118 - lxd: Minor fixes by @tomponline in #14183
- godep: Update dependencies and bump min Go version to 1.22.7 by @tomponline in #14186
- Add shell completions for
lxc config deviceby @kadinsayani in #14194 - doc: silence warning caused by sphinx-tabs by @simondeziel in #14190
- lxc/completion: Update instance completions to not show server configs by @kadinsayani in #14193
- lxc/completions: Improvements to completions for
lxc action,lxc deleteandlxc execby @kadinsayani in #14203 - lxd/devices: use builtin
min()by @simondeziel in #14200 - doc/installing: update link to how to manage the LXD snap by @simondeziel in #14201
- Only return specific identity types from /1.0/certificates by @markylaing in #14199
- Improve Trivy scanning by @hamistao in #14192
- Makefile: Make lxd-user and lxd-benchmark static binaries by @tomponline in #14205
- test/suites/backup: ignore time discrepancies when untar'ing by @simondeziel in #14204
- doc: silence all warnings related to Sphinx 9.0 deprecations by @simondeziel in #14208
- PKI test improvements by @markylaing in #14213
- Storage: Use the
Net*response variables for PowerFlex pool stats by @roosterfish in #14229 - build(deps): bump github.com/dell/goscaleio from 1.15.0 to 1.16.0 by @dependabot in #13979
- gomod: Update dependencies by @tomponline in #14230
- Add
lxc file createsubcommand (from Incus) by @kadinsayani in #14188 - github: Workaround GHA download artifact bug by @tomponline in #14234
- test: Add check for unpriv_binfmt support before testing feature by @kadinsayani in #14237
- Make MicroCeph setup a reusable action by @simondeziel in #14233
- github: stop scanning Python through CodeQL by @simondeziel in #14240
- Remove workaround for sphinx-tabs warnings by @simondeziel in #14238
- Revert "github: Workaround GHA download artifact bug" by @simondeziel in #14243
- lxc/completion: Add
imagesandubunturemote completions by @kadinsayani in #14242 - lxd: Include CAP_SYS_ADMIN in rsync AppArmor profile by @boltmark in #14231
- Replace
go/astdeprecated types by @masnax in #14212 - github: only run CodeQL (go) on PRs and on weekly schedule by @simondeziel in #14246
- Auth: Implement identity deletion by @markylaing in #14191
- github: move
make doc-linkcheckto Tiobe TICS job by @simondeziel in #14245 - github: pin
actions/*using SHA commit IDs by @simondeziel in #14249 - lxd-user: Add callhook support for container stop hooks by @tomponline in #14253
- lxd: Change token pruning task to hourly. by @markylaing in #14254
- Install Trivy with GitHub action by @hamistao in #14232
- github: actions SHA pinning by @simondeziel in #14257
- lxc exec: Fix exit codes for signaled processes by @hamistao in #14252
- Microceph action tweaks by @simondeziel in #14250
- test/container_devices_nic_bridged_filtering: unload br_netfilter once done by @simondeziel in #14263
- lxc/completion:
lxc storage volume copyshell completion fixes and improvements tocompletions.goby @kadinsayani in #14265 - Define endpoint entity type explicitly by @hamistao in #14228
- build(deps): bump actions/upload-artifact from 4.4.2 to 4.4.3 by @dependabot in #14274
- gomod: Update deps by @tomponline in #14272
- lxc: Prevent accept-certificate flag when using trust token by @MusicDin in #14149
- Network: Add support for OVN uplink networks attached to a VLAN by @boltmark in #14196
- lxd/network: IPv6 CIDR size checks fixes by @mihalicyn in #14276
- Improve API metrics logging by @hamistao in #14275
- Firewall: Don't masquerade multicast traffic by @roosterfish in #14279
- github: move make doc-linkcheck back to doc by @simondeziel in #14281
- Auth: Creation of fine-grained TLS identites by @markylaing in #14207
- Makefile: stop testing with flake8 during static-analysis by @simondeziel in #14282
- Rework remote add token usage with
--accept-certificateby @simondeziel in #14161 - build(deps): bump github.com/openfga/openfga from 1.6.1 to 1.6.2 by @dependabot in #14271
- Network: Allow OVN subnets smaller than /64 when stateful DHCPv6 is enabled by @mihalicyn in #14284
lxc storage volume copy/moveshell completion fixes by @kadinsayani in #14288- Makefile: opportunistically run yamllint against GH workflows by @simondeziel in #14287
- OVN external addresses on
lxc network list-allocationsby @hamistao in #14210 - github: use shorter job names for Trivy scanning by @simondeziel in #14290
- doc: fix minor typos by @minaelee in #14289
- api: Add network_ovn_uplink_vlan API extension by @boltmark in #14296
- Networt: Fix incorrect handling of instances in UsedByInstanceDevices by @tomponline in #14299
- doc: embed discourse post title as link text by @minaelee in #14295
- Fix profile typo by @MggMuggins in #14303
- Notifier update; MemberState update by @MggMuggins in #14294
- doc/howto: Fix argument order when adding permissions to a group. by @markylaing in #14306
- build(deps): bump github/codeql-action from 3.26.12 to 3.26.13 by @dependabot in #14308
- build(deps): bump tiobe/tics-github-action from 3.2.0 to 3.2.1 by @dependabot in #14307
- api: Add
state_logical_cpusextension by @MggMuggins in #14314 - Profiles & instance listing efficency improvements (from Incus) by @hamistao in #14315
- lxd: Consider project's restricted cluster groups during instance evacuation by @boltmark in #14320
- lxd: Use explicit cluster addr when core addr is wildcard by @masnax in #14301
- Remove old retry logic (from Incus) by @hamistao in #14319
- Github: Use go mod version of go by @tomponline in #14322
- VM: Properly plumb I/O limits (from Incus) by @tomponline in #14325
- github: update apt definition in setup-microceph by @simondeziel in #14326
- Add
limits.cpu.pin_strategysetting to disable VM CPU auto pinning by default by @kadinsayani in #14171 - github: tune docker firewall disablement to work on 20.04 by @simondeziel in #14329
- github: rework actions by @simondeziel in #14330
- lxd: Fix cluster group create when >1 node is defined in the request by @boltmark in #14321
- Project limits: Use
InstanceListby @MggMuggins in #14318 - lxd/apparmor: Update with new lxd binary location in sbin by @tomponline in #14338
- lxd/cluster: Replace deprecated Recover with ReconfigureMembership by @MggMuggins in #14337
- lxc/launch: Start console if instance start was performed on server by @MggMuggins in #14340
- Switch to go-dqlite v3 by @tomponline in #14336
- Support NVIDIA CDI in Ubuntu Core environment by @mihalicyn in #14347
- Device: Improvements to GPU CDI mode & Ubuntu Core validation by @mihalicyn in #14348
- build(deps): bump github.com/pkg/sftp from 1.13.6 to 1.13.7 by @dependabot in #14361
- build(deps): bump github.com/minio/minio-go/v7 from 7.0.78 to 7.0.79 by @dependabot in #14363
- build(deps): bump github.com/zitadel/oidc/v3 from 3.30.1 to 3.31.0 by @dependabot in #14362
- build(deps): bump actions/cache from 4.1.1 to 4.1.2 by @dependabot in #14353
- build(deps): bump actions/dependency-review-action from 4.3.4 to 4.3.5 by @dependabot in #14352
- build(deps): bump github/codeql-action from 3.26.13 to 3.27.0 by @dependabot in #14355
- build(deps): bump actions/setup-go from 5.0.2 to 5.1.0 by @dependabot in #14354
- build(deps): bump actions/checkout from 4.2.1 to 4.2.2 by @dependabot in #14351
- Device: Fix adding a GPU CDI device with the 'all' identifier by @gabrielmougard in #14368
- Network: Consider volatile IP in ovnNetworkExternalSubnets by @boltmark in #14344
- lxc/completion: Rework instance config key completion functions by @kadinsayani in #14374
- lxd: Deduplicate logic for deletion of main image file by @boltmark in #14371
- lxc: Handle sigkill in
vga()properly to clean spice sockets and avoid accumulating them by @gabrielmougard in #14350 - Auth: Prune pending TLS identities by @markylaing in #14261
- Device: Update CDI generateSpec signature by @mihalicyn in #14379
- Log some errors as warnings by @simondeziel in #14396
- doc/tutorial: specify LXD snap by @minaelee in #14382
- Device: Use NVIDIA_DRIVER_ROOT env variable for GPU CDI by @mihalicyn in #14395
- build(deps): bump actions/dependency-review-action from 4.3.5 to 4.4.0 by @dependabot in #14385
- build(deps): bump github.com/minio/minio-go/v7 from 7.0.79 to 7.0.80 by @dependabot in #14387
- build(deps): bump github.com/zitadel/oidc/v3 from 3.31.0 to 3.32.1 by @dependabot in #14390
- build(deps): bump github.com/openfga/openfga from 1.6.2 to 1.7.0 by @dependabot in #14389
- build(deps): bump github.com/NVIDIA/nvidia-container-toolkit from 1.16.2 to 1.17.0 by @dependabot in #14386
- db: Print last dqlite entry by @MggMuggins in #14378
- docs: Improve Windows image conversion examples by @MusicDin in #14399
- github: Remove unused matrix.go references by @tomponline in #14401
- Device: Forbid any
nvidia.*instance config option if the GPU device has been added through the CDI mode by @gabrielmougard in #14407 - Remove non- stdlib errors from
lxd/responseby @markylaing in #14408 - simplestreams: Fix creation date parsing format by @MusicDin in #14402
- github: Use cache when Trivy DB download fails by @hamistao in #14415
- Docs: Fix ovn ipv4/6 address description by @edlerd in #14414
- api: sort GET /auth/permissions response by @JoelLau in #14377
- Make
security.devlxd.imageslive-updatable for VMs by @markylaing in #14445 - doc: Document devlxd Ubuntu Pro API endpoints. by @markylaing in #14444
- build(deps): bump golang.org/x/tools from 0.26.0 to 0.27.0 by @dependabot in #14443
- build(deps): bump github/codeql-action from 3.27.0 to 3.27.1 by @dependabot in #14439
- Set Target after network/storage lookup (from Incus) by @markylaing in #14420
- build(deps): bump actions/cache from 4.1.1 to 4.1.2 by @dependabot in #14438
- lxd/networks: Emit lifecycle event for OVN networks (from Incus) by @markylaing in #14416
- Auth: Mask errors returned by OpenFGADatastore by @markylaing in #14446
- Auth: Allow updating TLS identity certificates by @markylaing in #14331
- Tests: Remove
gen_certutil by @markylaing in #14449 - Network: Properly handle OVN uplink with disabled DHCP/DHCPv6 (from Incus) by @kadinsayani in #14422
- github: Fix database cache update by @hamistao in #14456
- Improve USB ID type handling by @simondeziel in #14453
- Doc: Fix broken link to maas docs by @minaelee in #14450
- Auth: Allow listing unmanaged networks with fine-grained auth by @markylaing in #14447
- github: stop adding notification comments to issues/PRs by @simondeziel in #14460
- tests: print Apport crash reports in case of failure by @mihalicyn in #14467
- Download minio action by @simondeziel in #14471
- Workaround container self-stop race by @MggMuggins in #14463
- lxc/completion: Don't hide default completion command by @kadinsayani in #14474
- Update device option descriptions to accurately convey compatibility with containers and VMs by @kadinsayani in #14454
- lxd: Consume exec websocket pings for stderr (from Incus) by @tomponline in #14477
- build(deps): bump google.golang.org/protobuf from 1.35.1 to 1.35.2 by @dependabot in #14481
- build(deps): bump github/codeql-action from 3.27.1 to 3.27.4 by @dependabot in #14478
- build(deps): bump github.com/zitadel/oidc/v3 from 3.32.1 to 3.33.1 by @dependabot in #14482
- build(deps): bump github.com/go-acme/lego/v4 from 4.19.2 to 4.20.2 by @dependabot in #14483
- Rework how binaries are stripped during CI by @simondeziel in #14470
- VM: Add missing
diskblock node name overflow handling by @kadinsayani in #14461 - github: Move chmod of go.mod, go.sum before go mod download by @tomponline in #14493
- gomod: Bump minimum Go version to 1.23 and update dependencies by @tomponline in #14494
- Test: Add panic checker by @markylaing in #14346
- Pro: Revert Pro client integration pending review of Pro client CLI by @tomponline in #14495
- Add install-lxd-runtimedeps action by @simondeziel in #14497
- lxc: Actually support
lxc warning delete --allby @hamistao in #14496 - Auth: Fix missing snapshots and backups from storage pool used-by URLs by @markylaing in #14324
- API: Storage pool used-by list follow up (#14324) by @markylaing in #14500
- github: stop stripping libs and binaries by @simondeziel in #14498
- doc: fix defaultdesc format for instance configuration related to boot by @edlerd in #14502
- build(deps): bump github.com/openfga/openfga from 1.7.0 to 1.8.0 by @dependabot in #14440
- github: Always use the latest Trivy database cache by @hamistao in #14503
- Upload core dump files as test artifacts by @markylaing in #14499
- API: Make Warning & Operation metrics member specific by @hamistao in #14323
- GitHub: Don't purge aproxy snap when reclaiming disk space by @roosterfish in #14505
- github: Set
GOTRACEBACK=crashon system test runs. by @markylaing in #14504 - api: Add
gpu_cdiextension by @gabrielmougard in #14501 - doc: Document how to inspect a LXD coredump with GDB by @markylaing in #14508
- VM: Handle not found file descriptor by @hamistao in #14479
- Revert "lxd/instance/drivers/qmp: Return an error if no fd is found" by @tomponline in #14515
- build(deps): bump github.com/stretchr/testify from 1.9.0 to 1.10.0 by @dependabot in #14520
- build(deps): bump github.com/go-acme/lego/v4 from 4.20.2 to 4.20.4 by @dependabot in #14519
- build(deps): bump github/codeql-action from 3.27.4 to 3.27.5 by @dependabot in #14522
- build(deps): bump actions/dependency-review-action from 4.4.0 to 4.5.0 by @dependabot in #14521
- Instruct liblxc to use the lxd-stophook wrapper in the bin directory of the snap instead of sbin by @tomponline in #14526
- lxd: Simplify
allowAuthenticatedby @hamistao in #14533 - Device: Fix gpu physical DRM ID usage and improve validation of CDI IDs by @tomponline in #14535
- lxd/storage: Remove
security.sharedfrom cephfs keys by @hamistao in #14536 - DB: Use 'cluster members' instead of 'nodes' in errors by @roosterfish in #14541
- CLI: Improvements to
lxc configandlxc profileshell completions by @kadinsayani in #14542 - Network: Get fresh copy of global config when retrying network startup by @tomponline in #14540
- Fix comment typos by @tomponline in #14544
- lxd: Log error on
resultErrListAppendby @hamistao in #14514
New Contributors
- @ancollins24 made their first contribution in #13725
- @s-makin made their first contribution in #13784
- @Ardelean-Calin made their first contribution in #13830
- @qianzhangxa made their first contribution in #13824
- @mionaalex made their first contribution in #13881
- @kadinsayani made their first contribution in #13851
- @heat1024 made their first contribution in #13934
- @holmanb made their first contribution in #14168
- @JoelLau made their first contribution in #14377
Full Changelog: lxd-6.1...lxd-6.2
Contributors
mihalicyn, tomponline, and 26 other contributors