Canonical has released the release of the new version of your tools to organize the operation of insulated containers LXC 4.0, the container manager LXD 4.0 and FS LXCFS virtual 4.0 for simulation in containers / proc, / sys and virtualized cgroupfs for distributions without support for cgroup namespaces.
For those who are unaware of these tools, they should know that LXC is a runtime for running both system containers and containers for individual applications (OCI). LXC includes the liblxc library, a set of utilities, templates for creating containers, and a set of folders for various programming languages.
LXD is a plug-in for LXC, CRIU and QEMU what is used to centrally manage containers and virtual machines on one or more servers. If LXC is a low-level toolkit for manipulating at the level of individual containers, LXD is implemented as a background process that accepts requests over the network via the REST API and allows you to create scalable configurations implemented in a cluster of multiple servers.
Supports various storage backends (directory tree, ZFS, Btrfs, LVM), snapshots with a state break, live migration of working containers from one machine to another, and tools to organize image storage. The LXD code is written in Go and is distributed under the Apache 2.0 license.
What's new in LXC 4.0?
In this new version, the controller for working with cgroup has been completely rewritten, Besides that added support for unified cgroup hierarchy (cgroup2), added freezer controller functionality with which you can stop working on cgroup and temporarily free up some resources (CPU, I / O and possibly even memory) to perform other tasks.
As well added support for kernel subsystem "pidfd" designed to handle PID reuse situation (pidfd joins a specific process and does not change, while the PID can be linked to another process after completing the current process associated with this PID)
In addition, an infrastructure was implemented to intercept system calls and the creation and deletion was improved for network devices, as well as their movement between the namespaces of the network subsystem.
And the ability to move wireless network devices (nl80211) to containers was implemented.
What's new in LXD 4.0?
To segment the LXD servers, a project concept has been proposed that simplifies the management of groups of containers and virtual machines. Each project can include its own set of containers, virtual machines, images, profiles, and storage partitions. In relation to projects, you can set your own restrictions and change settings.
The support for launching not only containers, but also virtual machines, also support for intercepting system calls for containers, as well as support for shiftfs, a virtual FS for assigning mount points to the user namespace (user namespace).
Added the ability to configure the MAC address and determine the source address for NAT and also an added API to manage bindings in DHCP.
Also provided in this new release is automated creation of snapshots of environments and storage sections with the ability to set the lifetime of a snapshot.
Of the other changes mentioned in the ad:
- Implemented environment backup and recovery.
- Added API to monitor network status (lxc network information).
- New types of "ipvlan" and "routed" network adapters are proposed.
- Added backend to use CephFS based storages.
- Clusters support image replication and multi-architecture configurations.
- Added Role Based Access Control (RBAC).
- Added support for CGroup2.
- Support for Nftables was added.
Finally if you want to know more about it about the news of this new version, you can check the details In the following link.