Home LXD LXD 6.1 Released With Automatic IP Allocation, VM Core Pinning And More

LXD 6.1 Released With Automatic IP Allocation, VM Core Pinning And More

By sk
347 views

LXD 6.1, the first feature release in the new 6.x series, is released with significant improvements to container and virtual machine management. This update focuses on enhancing network functionality, VM performance, and overall system security.

Automated IP Allocation for OVN Networks

One of the notable features in LXD 6.1 is the automatic IP allocation for OVN network forwards and load balancers.

In the previous versions, users had to manually specify the external listen address on the uplink network, which could be time-consuming and required sufficient access to see available IPs.

With the new --allocate flag, users can instruct LXD to allocate an IPv4 or IPv6 address, and LXD will select an unused IP in the range(s) allocated for OVN network use on the uplink network.

Improved VM Performance with Automatic Core Pinning

Virtual machine performance receives a boost in this release with the introduction of automatic core pinning. LXD's instance scheduler now pins QEMU processes to load-balanced CPU cores for VMs that don't specify explicit core assignments.

This change aims to provide more predictable performance for latency-sensitive applications running in VMs. The scheduler dynamically rebalances CPU pinning configurations as instances are added, modified, or removed.

Enhanced Storage Options

LXD 6.1 introduces support for the Dell Powerflex Storage Data Client (SDC) kernel driver. This addition provides an alternative to NVME over TCP for Powerflex storage pools.

To use the SDC mode, users can set the powerflex.mode to sdc. If not specified, LXD will attempt to use NVME mode first before falling back to SDC mode.

Security Enhancements

In an effort to improve security, LXD 6.1 removes the trust password feature. This change eliminates the use of long-lived shared passwords for API access. Users must now add certificates directly to the trust store or use join tokens to add new clients.

The release also tightens container mknod syscall interception capability checks, aligning them with standard kernel behavior. Now, only users with CAP_MKNOD in the container's initial user namespace can use this feature.

Network Security Improvements

LXD 6.1 enhances network security by dropping DNS traffic to dnsmasq originating outside the bridge network. This prevents potential external access to the DNS service on bridges configured with routable subnets.

Additional Enhancements

The release includes several other improvements, such as support for running VMs on hosts with more than 64 CPUs, fixes for long TPM and disk directory share device names in VMs, and removal of armhf support for ceph.

For a complete list of changes, please refer to the changelog.

Download LXD 6.1

Users can download the latest tarballs from releases page.

Binary builds are also available through various channels, including Linux snap packages, Homebrew for macOS, and Chocolatey for Windows.

Linux:

snap install lxd

MacOS:

brew install lxc

Windows:

choco install lxc

Resource:

Leave a Comment

* By using this form you agree with the storage and handling of your data by this website.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

This website uses cookies to improve your experience. By using this site, we will assume that you're OK with it. Accept Read More