The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/7835
This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === This PR introduces the `ovn.ovs_bridge` bridge network setting. It is used by OVN networks that specify the bridge network as their parent `network` in order to create an OVS uplink bridge using the setting's name (and as a name prefix for the associated veth interfaces). This is being introduced to work around an issue when joining a node to an existing cluster that has an OVN network, because previously the internal DB network row ID was used as part of the OVS bridge name. However, this caused issues during the pre-join phase because potentially a different local network ID would be used to create the OVS bridge than is used in the rest of the cluster. This removes the use of internal DB IDs for interface names and uses a config setting instead, which will be used in the pre-join phase of network creation too.
From 9807ba8fa2bb45e171d3a1b583f79fd5944ce2de Mon Sep 17 00:00:00 2001 From: Thomas Parrott <thomas.parr...@canonical.com> Date: Wed, 2 Sep 2020 11:17:57 +0100 Subject: [PATCH 1/9] lxd/network/driver/ovn: Removes unnecessary dnsmasq logic in deleteParentPortBridge Signed-off-by: Thomas Parrott <thomas.parr...@canonical.com> --- lxd/network/driver_ovn.go | 15 ++------------- 1 file changed, 2 insertions(+), 13 deletions(-) diff --git a/lxd/network/driver_ovn.go b/lxd/network/driver_ovn.go index 1904ee7f78..3c13ec5672 100644 --- a/lxd/network/driver_ovn.go +++ b/lxd/network/driver_ovn.go @@ -17,7 +17,6 @@ import ( "github.com/lxc/lxd/lxd/cluster" "github.com/lxc/lxd/lxd/db" - "github.com/lxc/lxd/lxd/dnsmasq" "github.com/lxc/lxd/lxd/locking" "github.com/lxc/lxd/lxd/network/openvswitch" "github.com/lxc/lxd/lxd/project" @@ -506,6 +505,7 @@ func (n *ovn) parentOperationLockName(parentNet Network) string { // parentPortBridgeVars returns the parent port bridge variables needed for port start/stop. func (n *ovn) parentPortBridgeVars(parentNet Network) *ovnParentPortBridgeVars { + ovsBridge := fmt.Sprintf("lxdovn%d", parentNet.ID()) return &ovnParentPortBridgeVars{ @@ -629,18 +629,7 @@ func (n *ovn) deleteParentPort() error { // deleteParentPortBridge deletes the dnsmasq static lease and removes parent uplink OVS bridge if not in use. func (n *ovn) deleteParentPortBridge(parentNet Network) error { - err := dnsmasq.RemoveStaticEntry(parentNet.Name(), project.Default, n.getNetworkPrefix()) - if err != nil { - return err - } - - // Reload dnsmasq. - err = dnsmasq.Kill(parentNet.Name(), true) - if err != nil { - return err - } - - // Lock parent network so we don;t race each other networks using the OVS uplink bridge. + // Lock parent network so we don't race each other networks using the OVS uplink bridge. unlock := locking.Lock(n.parentOperationLockName(parentNet)) defer unlock() From 1e793a8c9f2728d6d695bf372e04d13b96f435b7 Mon Sep 17 00:00:00 2001 
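Review bot: In the `@@ -629,18 +629,7 @@` hunk the doc comment on `deleteParentPortBridge` still says it "deletes the dnsmasq static lease", which the body no longer does once the `dnsmasq.RemoveStaticEntry` and `dnsmasq.Kill` calls are removed; I would change it to `// deleteParentPortBridge removes the parent uplink OVS bridge if not in use.` Separately, the removed call was the only visible use of `project.Default`, yet the `project` import is kept as context in the first hunk; if nothing else in `driver_ovn.go` uses it, this commit does not compile on its own and bisecting across it will fail. The function body continues past the end of the hunk.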
From: Thomas Parrott <thomas.parr...@canonical.com> Date: Wed, 2 Sep 2020 12:23:38 +0100 Subject: [PATCH 2/9] lxd/device/device/utils/network: Removes networkRandomDevName Moving to network package. Signed-off-by: Thomas Parrott <thomas.parr...@canonical.com> --- lxd/device/device_utils_network.go | 17 ----------------- 1 file changed, 17 deletions(-) diff --git a/lxd/device/device_utils_network.go b/lxd/device/device_utils_network.go index 9556bfda9c..7ca4f3efc5 100644 --- a/lxd/device/device_utils_network.go +++ b/lxd/device/device_utils_network.go @@ -1,8 +1,6 @@ package device import ( - "crypto/rand" - "encoding/hex" "fmt" "io/ioutil" "strconv" @@ -210,21 +208,6 @@ func networkRestorePhysicalNic(hostName string, volatile map[string]string) erro return nil } -// networkRandomDevName returns a random device name with prefix. -// If the random string combined with the prefix exceeds 13 characters then empty string is returned. -// This is to ensure we support buggy dhclient applications: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858580 -func networkRandomDevName(prefix string) string { - // Return a new random veth device name - randBytes := make([]byte, 4) - rand.Read(randBytes) - iface := prefix + hex.EncodeToString(randBytes) - if len(iface) > 13 { - return "" - } - - return iface -} - // networkCreateVethPair creates and configures a veth pair. It will set the hwaddr and mtu settings // in the supplied config to the newly created peer interface. If mtu is not specified, but parent // is supplied in config, then the MTU of the new peer interface will inherit the parent MTU. From 9a2348ae4283109bf0c128136914f50146de5cf9 Mon Sep 17 00:00:00 2001 From: Thomas Parrott <thomas.parr...@canonical.com> Date: Wed, 2 Sep 2020 12:24:09 +0100 Subject: [PATCH 3/9] lxd/network/network/utils: Adds RandomDevName function Signed-off-by: Thomas Parrott <thomas.parr...@canonical.com> --- lxd/network/network_utils.go | 15 +++++++++++++++ 1 file changed, 15 insertions(+) 
diff --git a/lxd/network/network_utils.go b/lxd/network/network_utils.go index 36ea1420b8..6e56eebdde 100644 --- a/lxd/network/network_utils.go +++ b/lxd/network/network_utils.go @@ -68,6 +68,21 @@ func networkValidPort(value string) error { return nil } +// RandomDevName returns a random device name with prefix. +// If the random string combined with the prefix exceeds 13 characters then empty string is returned. +// This is to ensure we support buggy dhclient applications: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858580 +func RandomDevName(prefix string) string { + // Return a new random veth device name. + randBytes := make([]byte, 4) + rand.Read(randBytes) + iface := prefix + hex.EncodeToString(randBytes) + if len(iface) > 13 { + return "" + } + + return iface +} + // IsInUseByInstance indicates if network is referenced by an instance's NIC devices. // Checks if the device's parent or network properties match the network name. func IsInUseByInstance(s *state.State, c instance.Instance, networkName string) (bool, error) { From 1371927f2c9db61d5a880115eaa9e047417ccf0d Mon Sep 17 00:00:00 2001 From: Thomas Parrott <thomas.parr...@canonical.com> Date: Wed, 2 Sep 2020 12:25:33 +0100 Subject: [PATCH 4/9] lxd/device: network.RandomDevName usage Signed-off-by: Thomas Parrott <thomas.parr...@canonical.com> --- lxd/device/device_utils_network.go | 2 +- lxd/device/nic_bridged.go | 4 ++-- lxd/device/nic_macvlan.go | 2 +- lxd/device/nic_ovn.go | 4 ++-- lxd/device/nic_p2p.go | 5 +++-- lxd/device/nic_routed.go | 2 +- 6 files changed, 10 insertions(+), 9 deletions(-) diff --git a/lxd/device/device_utils_network.go b/lxd/device/device_utils_network.go index 7ca4f3efc5..0f1852403c 100644 --- a/lxd/device/device_utils_network.go +++ b/lxd/device/device_utils_network.go 
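Review bot: `rand.Read(randBytes)` in `RandomDevName` discards its error, so a failed read can leave `randBytes` partly or wholly zero and callers get a predictable, colliding name such as `prefix + "00000000"` instead of a failure. The hunk adds no imports, so which `rand` package this resolves to in `network_utils.go` is not visible here; it should be `crypto/rand`, as in the `device` function this replaces, not `math/rand`. Because the signature has no error return, the smallest guard is `if _, err := rand.Read(randBytes); err != nil { return "" }`, reusing the empty-string result the doc comment already defines for an unusable name. The callers visible in this series assign the result straight to `host_name` or `peerName` without checking for `""`, so they would need that check as well.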
@@ -213,7 +213,7 @@ func networkRestorePhysicalNic(hostName string, volatile map[string]string) erro // is supplied in config, then the MTU of the new peer interface will inherit the parent MTU. // Accepts the name of the host side interface as a parameter and returns the peer interface name. func networkCreateVethPair(hostName string, m deviceConfig.Device) (string, error) { - peerName := networkRandomDevName("veth") + peerName := network.RandomDevName("veth") _, err := shared.RunCommand("ip", "link", "add", "dev", hostName, "type", "veth", "peer", "name", peerName) if err != nil { diff --git a/lxd/device/nic_bridged.go b/lxd/device/nic_bridged.go index b30ba66d91..ef852fbc5e 100644 --- a/lxd/device/nic_bridged.go +++ b/lxd/device/nic_bridged.go @@ -247,12 +247,12 @@ func (d *nicBridged) Start() (*deviceConfig.RunConfig, error) { // Create veth pair and configure the peer end with custom hwaddr and mtu if supplied. if d.inst.Type() == instancetype.Container { if saveData["host_name"] == "" { - saveData["host_name"] = networkRandomDevName("veth") + saveData["host_name"] = network.RandomDevName("veth") } peerName, err = networkCreateVethPair(saveData["host_name"], d.config) } else if d.inst.Type() == instancetype.VM { if saveData["host_name"] == "" { - saveData["host_name"] = networkRandomDevName("tap") + saveData["host_name"] = network.RandomDevName("tap") } peerName = saveData["host_name"] // VMs use the host_name to link to the TAP FD. err = networkCreateTap(saveData["host_name"], d.config) diff --git a/lxd/device/nic_macvlan.go b/lxd/device/nic_macvlan.go index 788584f2cd..35e1eb25de 100644 --- a/lxd/device/nic_macvlan.go +++ b/lxd/device/nic_macvlan.go 
@@ -120,7 +120,7 @@ func (d *nicMACVLAN) Start() (*deviceConfig.RunConfig, error) { actualParentName := network.GetHostDevice(d.config["parent"], d.config["vlan"]) // Record the temporary device name used for deletion later. - saveData["host_name"] = networkRandomDevName("mac") + saveData["host_name"] = network.RandomDevName("mac") // Create VLAN parent device if needed. statusDev, err := networkCreateVlanDeviceIfNeeded(d.state, d.config["parent"], actualParentName, d.config["vlan"]) diff --git a/lxd/device/nic_ovn.go b/lxd/device/nic_ovn.go index 4b6db95bcd..e7a85d3e00 100644 --- a/lxd/device/nic_ovn.go +++ b/lxd/device/nic_ovn.go @@ -183,12 +183,12 @@ func (d *nicOVN) Start() (*deviceConfig.RunConfig, error) { // Create veth pair and configure the peer end with custom hwaddr and mtu if supplied. if d.inst.Type() == instancetype.Container { if saveData["host_name"] == "" { - saveData["host_name"] = networkRandomDevName("veth") + saveData["host_name"] = network.RandomDevName("veth") } peerName, err = networkCreateVethPair(saveData["host_name"], d.config) } else if d.inst.Type() == instancetype.VM { if saveData["host_name"] == "" { - saveData["host_name"] = networkRandomDevName("tap") + saveData["host_name"] = network.RandomDevName("tap") } peerName = saveData["host_name"] // VMs use the host_name to link to the TAP FD. err = networkCreateTap(saveData["host_name"], d.config) diff --git a/lxd/device/nic_p2p.go b/lxd/device/nic_p2p.go index 5f5b7ef089..c0a08df59c 100644 --- a/lxd/device/nic_p2p.go +++ b/lxd/device/nic_p2p.go @@ -6,6 +6,7 @@ import ( deviceConfig "github.com/lxc/lxd/lxd/device/config" "github.com/lxc/lxd/lxd/instance" "github.com/lxc/lxd/lxd/instance/instancetype" + "github.com/lxc/lxd/lxd/network" "github.com/lxc/lxd/lxd/revert" "github.com/lxc/lxd/shared" ) 
@@ -73,12 +74,12 @@ func (d *nicP2P) Start() (*deviceConfig.RunConfig, error) { // Create veth pair and configure the peer end with custom hwaddr and mtu if supplied. if d.inst.Type() == instancetype.Container { if saveData["host_name"] == "" { - saveData["host_name"] = networkRandomDevName("veth") + saveData["host_name"] = network.RandomDevName("veth") } peerName, err = networkCreateVethPair(saveData["host_name"], d.config) } else if d.inst.Type() == instancetype.VM { if saveData["host_name"] == "" { - saveData["host_name"] = networkRandomDevName("tap") + saveData["host_name"] = network.RandomDevName("tap") } peerName = saveData["host_name"] // VMs use the host_name to link to the TAP FD. err = networkCreateTap(saveData["host_name"], d.config) diff --git a/lxd/device/nic_routed.go b/lxd/device/nic_routed.go index 460993e639..ca056a4dac 100644 --- a/lxd/device/nic_routed.go +++ b/lxd/device/nic_routed.go @@ -193,7 +193,7 @@ func (d *nicRouted) Start() (*deviceConfig.RunConfig, error) { hostName := d.config["host_name"] if hostName == "" { - hostName = networkRandomDevName("veth") + hostName = network.RandomDevName("veth") } saveData["host_name"] = hostName From b212605957e14def26aeb9da35f5318bae257d27 Mon Sep 17 00:00:00 2001 From: Thomas Parrott <thomas.parr...@canonical.com> Date: Wed, 2 Sep 2020 14:13:41 +0100 Subject: [PATCH 5/9] lxd/network: Adds Description function Signed-off-by: Thomas Parrott <thomas.parr...@canonical.com> --- lxd/network/driver_common.go | 5 +++++ lxd/network/network_interface.go | 1 + 2 files changed, 6 insertions(+) diff --git a/lxd/network/driver_common.go b/lxd/network/driver_common.go index 41197225f6..62be2bb808 100644 --- a/lxd/network/driver_common.go +++ b/lxd/network/driver_common.go 
@@ -109,6 +109,11 @@ func (n *common) Name() string { return n.name } +// Description returns the network description. +func (n *common) Description() string { + return n.description +} + // Status returns the network status. func (n *common) Status() string { return n.status diff --git a/lxd/network/network_interface.go b/lxd/network/network_interface.go index 69e787a14a..f8f0dabaf3 100644 --- a/lxd/network/network_interface.go +++ b/lxd/network/network_interface.go @@ -21,6 +21,7 @@ type Network interface { ID() int64 Name() string Type() string + Description() string Status() string Config() map[string]string IsUsed() (bool, error) From bc55a7aab15b34287836706635838d4f432fee14 Mon Sep 17 00:00:00 2001 From: Thomas Parrott <thomas.parr...@canonical.com> Date: Wed, 2 Sep 2020 14:29:55 +0100 Subject: [PATCH 6/9] api: Adds network_bridge_ovn_bridge API extension Signed-off-by: Thomas Parrott <thomas.parr...@canonical.com> --- doc/api-extensions.md | 7 +++++++ shared/version/api.go | 1 + 2 files changed, 8 insertions(+) diff --git a/doc/api-extensions.md b/doc/api-extensions.md index 7ca5f9831e..ba8dcff0d2 100644 --- a/doc/api-extensions.md +++ b/doc/api-extensions.md @@ -1151,3 +1151,10 @@ Also introduces two new global config keys that apply to all `ovn` networks and - network.ovn.integration\_bridge - the OVS integration bridge to use. - network.ovn.northbound\_connection - the OVN northbound database connection string. + +## network\_bridge\_ovn\_bridge +Adds the `ovn.ovs_bridge` setting to `bridge` networks to allow the `ovn` networks that use it as their parent +`network` to access the name of the OVS bridge (and prefix for the related veth pair interfaces). + +If missing, the first `ovn` network to specify a `bridge` network as its parent `network` will cause the +setting to be populated with a random interface name prefixed with "ovn". diff --git a/shared/version/api.go b/shared/version/api.go index 1288a75238..4771c18f21 100644 --- a/shared/version/api.go 
+++ b/shared/version/api.go @@ -224,6 +224,7 @@ var APIExtensions = []string{ "network_type_sriov", "container_syscall_intercept_bpf_devices", "network_type_ovn", + "network_bridge_ovn_bridge", } // APIExtensionsCount returns the number of available API extensions. From 0632782fa73855bac2f0a02abb5d4f690bd8937d Mon Sep 17 00:00:00 2001 From: Thomas Parrott <thomas.parr...@canonical.com> Date: Wed, 2 Sep 2020 14:14:45 +0100 Subject: [PATCH 7/9] lxd/network/driver/ovn: Updates parentPortBridgeVars to use ovn.ovs_bridge from parent network Signed-off-by: Thomas Parrott <thomas.parr...@canonical.com> --- lxd/network/driver_ovn.go | 46 ++++++++++++++++++++++++++++++--------- 1 file changed, 36 insertions(+), 10 deletions(-) diff --git a/lxd/network/driver_ovn.go b/lxd/network/driver_ovn.go index 3c13ec5672..8414132368 100644 --- a/lxd/network/driver_ovn.go +++ b/lxd/network/driver_ovn.go @@ -19,7 +19,6 @@ import ( "github.com/lxc/lxd/lxd/db" "github.com/lxc/lxd/lxd/locking" "github.com/lxc/lxd/lxd/network/openvswitch" - "github.com/lxc/lxd/lxd/project" "github.com/lxc/lxd/lxd/revert" "github.com/lxc/lxd/lxd/util" "github.com/lxc/lxd/shared" @@ -35,6 +34,10 @@ const ovnChassisPriorityMax = 32767 const ovnVolatileParentIPv4 = "volatile.network.ipv4.address" const ovnVolatileParentIPv6 = "volatile.network.ipv6.address" +// ovnParentOVSBridge setting on the parent network indicating the name to use for the OVS bridge and prefix for +// associated veth interfaces when using the parent network as an OVN uplink. +const ovnParentOVSBridge = "ovn.ovs_bridge" + // ovnParentVars OVN object variables derived from parent network. type ovnParentVars struct { // Router. 
@@ -504,21 +507,40 @@ func (n *ovn) parentOperationLockName(parentNet Network) string { } // parentPortBridgeVars returns the parent port bridge variables needed for port start/stop. -func (n *ovn) parentPortBridgeVars(parentNet Network) *ovnParentPortBridgeVars { +func (n *ovn) parentPortBridgeVars(parentNet Network) (*ovnParentPortBridgeVars, error) { + parentConfig := parentNet.Config() + if parentConfig[ovnParentOVSBridge] == "" { + // Generate random OVS bridge name for parent uplink. + parentConfig[ovnParentOVSBridge] = RandomDevName("ovn") - ovsBridge := fmt.Sprintf("lxdovn%d", parentNet.ID()) + // Store in parent config. + err := n.state.Cluster.Transaction(func(tx *db.ClusterTx) error { + err := tx.UpdateNetwork(parentNet.ID(), parentNet.Description(), parentConfig) + if err != nil { + return errors.Wrapf(err, "Failed saving parent network OVN OVS bridge name") + } - return &ovnParentPortBridgeVars{ - ovsBridge: ovsBridge, - parentEnd: fmt.Sprintf("%sa", ovsBridge), - ovsEnd: fmt.Sprintf("%sb", ovsBridge), + return nil + }) + if err != nil { + return nil, err + } } + + return &ovnParentPortBridgeVars{ + ovsBridge: parentConfig[ovnParentOVSBridge], + parentEnd: fmt.Sprintf("%sa", parentConfig[ovnParentOVSBridge]), + ovsEnd: fmt.Sprintf("%sb", parentConfig[ovnParentOVSBridge]), + }, nil } // startParentPortBridge creates veth pair (if doesn't exist), creates OVS bridge (if doesn't exist) and // connects veth pair to parent bridge and OVS bridge. func (n *ovn) startParentPortBridge(parentNet Network) error { - vars := n.parentPortBridgeVars(parentNet) + vars, err := n.parentPortBridgeVars(parentNet) + if err != nil { + return err + } // Lock parent network so that if multiple OVN networks are trying to connect to the same parent we don't // race each other setting up the connection. 
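Review bot: `startParentPortBridge` calls `parentPortBridgeVars` ahead of the `// Lock parent network …` step, so the new check of `parentConfig[ovnParentOVSBridge] == ""`, the `RandomDevName("ovn")` call and the `tx.UpdateNetwork` write all appear to run unlocked (the lock call itself is just outside the hunk). Two OVN networks starting against the same parent can each see an empty setting, generate different names and persist them in turn, leaving one of them building a bridge whose name no longer matches the stored value. I would take `locking.Lock(n.parentOperationLockName(parentNet))` before the call and re-read the parent config inside the transaction instead of writing back the copy read earlier; that lock is presumably local to one daemon, so cluster members need the in-transaction check too. The function also writes into the map returned by `parentNet.Config()` before the database update succeeds; if that is the network's live config map, a failed transaction leaves an unsaved name in memory, so build a copy and assign only after commit. `startParentPortBridge` continues beyond the hunk.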
@@ -540,7 +562,7 @@ func (n *ovn) startParentPortBridge(parentNet Network) error { } // Ensure correct sysctls are set on uplink veth interfaces to avoid getting IPv6 link-local addresses. - _, err := shared.RunCommand("sysctl", + _, err = shared.RunCommand("sysctl", fmt.Sprintf("net.ipv6.conf.%s.disable_ipv6=1", vars.parentEnd), fmt.Sprintf("net.ipv6.conf.%s.disable_ipv6=1", vars.ovsEnd), fmt.Sprintf("net.ipv6.conf.%s.forwarding=0", vars.parentEnd), @@ -635,7 +657,11 @@ func (n *ovn) deleteParentPortBridge(parentNet Network) error { // Check OVS uplink bridge exists, if it does, check how many ports it has. removeVeths := false - vars := n.parentPortBridgeVars(parentNet) + vars, err := n.parentPortBridgeVars(parentNet) + if err != nil { + return err + } + if shared.PathExists(fmt.Sprintf("/sys/class/net/%s", vars.ovsBridge)) { ovs := openvswitch.NewOVS() ports, err := ovs.BridgePortList(vars.ovsBridge) From 06425c9f62cc4365d568bb6f692b40466c5525b8 Mon Sep 17 00:00:00 2001 From: Thomas Parrott <thomas.parr...@canonical.com> Date: Wed, 2 Sep 2020 14:13:59 +0100 Subject: [PATCH 8/9] lxd/network/driver/bridge: Adds ovn.ovs_bridge config key for OVN networks using bridge as parent Signed-off-by: Thomas Parrott <thomas.parr...@canonical.com> --- lxd/network/driver_bridge.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lxd/network/driver_bridge.go b/lxd/network/driver_bridge.go index 8ef1e612e4..c00a75af4a 100644 --- a/lxd/network/driver_bridge.go +++ b/lxd/network/driver_bridge.go @@ -226,6 +226,8 @@ func (n *bridge) Validate(config map[string]string) error { "raw.dnsmasq": validate.IsAny, + ovnParentOVSBridge: validate.Optional(validInterfaceName), + "maas.subnet.ipv4": validate.IsAny, "maas.subnet.ipv6": validate.IsAny, } From cada30dcb200ab19d0d02a28d0327b4dee6bde62 Mon Sep 17 00:00:00 2001 
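Review bot: In the `@@ -635,7 +657,11 @@` hunk `deleteParentPortBridge` now gets the bridge name from `parentPortBridgeVars`, which generates and persists a new random `ovn.ovs_bridge` value when the parent has none, so a delete can write to the parent network's config and then look for a bridge that was never created. That matters for parents whose uplink was created under the previous `lxdovn<ID>` naming: no migration is visible in this series, so after an upgrade the `/sys/class/net/%s` check would miss the old bridge and its veth pair would be left behind. Consider a read-only lookup on the delete path that returns early when the setting is empty, plus either a fallback to the old name or an update step that records it in `ovn.ovs_bridge` for existing networks. The function body extends beyond the hunk.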
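Review bot: `ovnParentOVSBridge: validate.Optional(validInterfaceName)` accepts any valid interface name, but the OVN driver appends `a` and `b` to this value for the veth ends and interpolates the resulting names into `net.ipv6.conf.%s.…` sysctl keys and a `/sys/class/net/%s` path. `validInterfaceName` is not shown here; if it allows the full 15-character Linux interface name length, a maximal value yields veth names one character too long, and if it allows `.` the sysctl key is split in the wrong place. I would use a dedicated validator for this key that also caps the length at 14 characters and rejects `.`, and state that limit where `ovn.ovs_bridge` is documented. `Validate` starts and ends outside the hunk.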
From: Thomas Parrott <thomas.parr...@canonical.com> Date: Wed, 2 Sep 2020 14:48:48 +0100 Subject: [PATCH 9/9] doc/api: Removes underscore escaping when used inside backticks Signed-off-by: Thomas Parrott <thomas.parr...@canonical.com> --- doc/api-extensions.md | 48 +++++++++++++++++++++---------------------- 1 file changed, 24 insertions(+), 24 deletions(-) diff --git a/doc/api-extensions.md b/doc/api-extensions.md index ba8dcff0d2..fa749cb371 100644 --- a/doc/api-extensions.md +++ b/doc/api-extensions.md @@ -577,7 +577,7 @@ This introduces the new candid.api.url config option and removes core.macaroon.endpoint. ## backup\_compression -This introduces a new backups.compression\_algorithm config key which +This introduces a new `backups.compression_algorithm` config key which allows configuration of backup compression. ## candid\_config @@ -680,9 +680,9 @@ option `snapshots.expiry` takes an expression in the form of `1M 2H 3d 4w 5m parts have to be used. Snapshots which are then created will be given an expiry date based on the -expression. This expiry date, defined by `expires\_at`, can be manually edited +expression. This expiry date, defined by `expires_at`, can be manually edited using the API or `lxc config edit`. Snapshots with a valid expiry date will be -removed when the task in run. Expiry can be disabled by setting `expires\_at` to +removed when the task in run. Expiry can be disabled by setting `expires_at` to an empty string or `0001-01-01T00:00:00Z` (zero time). This is the default if `snapshots.expiry` is not set. @@ -717,7 +717,7 @@ used to track the current mapping for the container. This effectively gives us: - - `volatile.last\_state.idmap` => On-disk idmap + - `volatile.last_state.idmap` => On-disk idmap - `volatile.idmap.current` => Current kernel map - `volatile.idmap.next` => Next on-disk idmap 
@@ -760,7 +760,7 @@ by a container that a registered syscall has been performed. LXD can then decide to trigger various actions. ## lxc\_features -This introduces the `lxc\_features` section output from the `lxc info` command +This introduces the `lxc_features` section output from the `lxc info` command via the `GET /1.0/` route. It outputs the result of checks for key features being present in the underlying LXC library. @@ -768,7 +768,7 @@ underlying LXC library. This introduces the `ipvlan` "nic" device type. ## network\_vlan\_sriov -This introduces VLAN (`vlan`) and MAC filtering (`security.mac\_filtering`) support for SR-IOV devices. +This introduces VLAN (`vlan`) and MAC filtering (`security.mac_filtering`) support for SR-IOV devices. ## storage\_cephfs Add support for CEPHFS as a storage pool driver. This can only be used @@ -776,7 +776,7 @@ for custom volumes, images and containers should be on CEPH (RBD) instead. ## container\_nic\_ipfilter -This introduces container IP filtering (`security.ipv4\_filtering` and `security.ipv6\_filtering`) support for `bridged` nic devices. +This introduces container IP filtering (`security.ipv4_filtering` and `security.ipv6_filtering`) support for `bridged` nic devices. ## resources\_v2 Rework the resources API at /1.0/resources, especially: @@ -822,8 +822,8 @@ This makes use of shiftfs as an overlay filesystem. Export infiniband character device information (issm, umad, uverb) as part of the resources API. ## daemon\_storage -This introduces two new configuration keys `storage.images\_volume` and -`storage.backups\_volume` to allow for a storage volume on an existing +This introduces two new configuration keys `storage.images_volume` and +`storage.backups_volume` to allow for a storage volume on an existing pool be used for storing the daemon-wide images and backups artifacts. ## instances 
@@ -853,15 +853,15 @@ This allows for editing of the expiry date on images. Adds a FirmwareVersion field to network card entries. ## backup\_compression\_algorithm -This adds support for a `compression\_algorithm` property when creating a backup (`POST /1.0/containers/<name>/backups`). +This adds support for a `compression_algorithm` property when creating a backup (`POST /1.0/containers/<name>/backups`). -Setting this property overrides the server default value (`backups.compression\_algorithm`). +Setting this property overrides the server default value (`backups.compression_algorithm`). ## ceph\_data\_pool\_name -This adds support for an optional argument (`ceph.osd.data\_pool\_name`) when creating +This adds support for an optional argument (`ceph.osd.data_pool_name`) when creating storage pools using Ceph RBD, when this argument is used the pool will store it's -actual data in the pool specified with `data\_pool\_name` while keeping the metadata -in the pool specified by `pool\_name`. +actual data in the pool specified with `data_pool_name` while keeping the metadata +in the pool specified by `pool_name`. ## container\_syscall\_intercept\_mount Adds the `security.syscalls.intercept.mount`, @@ -918,7 +918,7 @@ This allows it to inherit some of the network's settings and allows better valid ## clustering\_sizing Support specifying a custom values for database voters and standbys. -The new cluster.max\_voters and cluster.max\_standby configuration keys were introduced +The new `cluster.max_voters` and `cluster.max_standby` configuration keys were introduced to specify to the ideal number of database voter and standbys. ## firewall\_driver 
@@ -965,7 +965,7 @@ configuration keys: `snapshots.schedule` and ## trust\_ca\_certificates This allows for checking client certificates trusted by the provided CA (`server.ca`). -It can be enabled by setting `core.trust\_ca\_certificates` to true. +It can be enabled by setting `core.trust_ca_certificates` to true. If enabled, it will perform the check, and bypass the trusted password if true. An exception will be made if the connecting client certificate is in the provided CRL (`ca.crl`). In this case, it will ask for the password. @@ -977,17 +977,17 @@ This adds a new `size` field to the output of `/1.0/instances/<name>/snapshots/< This adds a writable endpoint for cluster members, allowing the editing of their roles. ## container\_nic\_routed\_host\_address -This introduces the `ipv4.host\_address` and `ipv6.host\_address` NIC config keys that can be used to control the +This introduces the `ipv4.host_address` and `ipv6.host_address` NIC config keys that can be used to control the host-side veth interface's IP addresses. This can be useful when using multiple routed NICs at the same time and needing a predictable next-hop address to use. This also alters the behaviour of `ipv4.gateway` and `ipv6.gateway` NIC config keys. When they are set to "auto" -the container will have its default gateway set to the value of `ipv4.host\_address` or `ipv6.host\_address` respectively. +the container will have its default gateway set to the value of `ipv4.host_address` or `ipv6.host_address` respectively. The default values are: -`ipv4.host\_address`: 169.254.0.1 -`ipv6.host\_address`: fe80::1 +`ipv4.host_address`: 169.254.0.1 +`ipv6.host_address`: fe80::1 This is backward compatible with the previous default behaviour. 
@@ -1007,19 +1007,19 @@ rather than per core as some hardware apparently puts threads in different NUMA domains. ## resources\_cpu\_core\_die -Exposes the die\_id information on each core. +Exposes the `die_id` information on each core. ## api\_os -This introduces two new fields in `/1.0`, `os` and `os\_version`. +This introduces two new fields in `/1.0`, `os` and `os_version`. Those are taken from the os-release data on the system. ## container\_nic\_routed\_host\_table -This introduces the `ipv4.host\_table` and `ipv6.host\_table` NIC config keys that can be used to add static routes +This introduces the `ipv4.host_table` and `ipv6.host_table` NIC config keys that can be used to add static routes for the instance's IPs to a custom policy routing table by ID. ## container\_nic\_ipvlan\_host\_table -This introduces the `ipv4.host\_table` and `ipv6.host\_table` NIC config keys that can be used to add static routes +This introduces the `ipv4.host_table` and `ipv6.host_table` NIC config keys that can be used to add static routes for the instance's IPs to a custom policy routing table by ID. ## container\_nic\_ipvlan\_mode