Hey everyone,
LX{C,FS,D} upstream here. :)I'm sorry to ping you all at once in this mail and I seriously hope I only added actual package maintainers for LXC based projects in their respective distros to this mail. If not I'm genuinely sorry to have banged on your door (or rather inbox) on a Saturday! A few days ago we released LXC [1] and LXD [2] 3.0.0 which are going to be our next LTS releases receiving support from upstream for 5 years until 2023. LXC 3.0.0 not just introduces a lot of changes and improvements on all fronts in general but will also likely require changes in packaging. These changes are what I'd like to inform you about because we really don't want you all to run into pointless confusion and problems. The distros I think should be reached by this mail are: Alpine ArchLinux Debian Fedora Gentoo NixOS openSUSE OpenWrt Please, if anyone of you know other packagers in other distros that are not derivatives of the above please forward this mail. Don't leave fellow maintainers hanging. :) Here is a list of what we consider will most likely affect you as packagers: 1. **Important** the lxc-templates have been moved out of the main LXC tree into a separate repository https://github.com/lxc/lxc-templates This means that without this separate package LXC will now only come with the following templates: lxc-busybox lxc-download lxc-local lxc-oci 2. **Important** distrobuilder is the new way of creating machine/system container images The templates have been replaced by a new project called "distrobuilder" [5]. It aims to be a very simple Go project focussed on letting you easily build full system container images by either using the official cloud image if one is provided by the distro or by using the respective distro's recommended tooling (e.g. debootstrap for Debian or pacman for ArchLinux). It aims to be declarative, using the same set of options for all distributions while having extensive validation code to ensure everything that's downloaded is properly validated. **Warning: Advertisement** please consider packaging distrobuilder. https://github.com/lxc/distrobuilder A more lengthy justification can be found at: https://brauner.github.io/2018/02/27/lxc-removes-legacy-template-build-system.html 3. The python3 bindings have been moved out of the main LXC tree and are maintained in a separate Github repo under the LXC namespace. https://github.com/lxc/python3-lxc This means that the --with-python configure flag should be dropped. A more lengthy justification can be found at: https://brauner.github.io/2018/02/27/lxc-removes-legacy-template-build-system.html 4. The lua bindings have been moved out of the main LXC tree and are maintained in a separate Github repo under the LXC namespace. https://github.com/lxc/lua-lxc This means that the --with-lua configure flag should be dropped. A more lengthy justification can be found at: https://brauner.github.io/2018/02/27/lxc-removes-legacy-template-build-system.html 5. **Important** the pam_cgfs.so pam module has moved from the LXCFS tree into the LXC tree https://github.com/lxc/lxc/blob/master/src/lxc/pam/pam_cgfs.c This means that in order to compile the pam module with LXC you should pass: --enable-pam and --with-pamdir=PAM_PATH when compiling LXC. In case you don't know what the pam module is for it is used to allow unprivileged cgroup management for fully unprivileged containers. It useful for all container runtimes (e.g. openSUSE is shipping and using it). For a slightly deeper look at it I suggest you read [3]. 6. Removeal of legacy cgroup drivers This includes the cgmanager driver. Which also implies that This means that the --with-cgmanager configure flag should be dropped. The cgmanager package can likely also be dropped unless you maintain a package for our 1.0 stable branch! A more lengthy justification can be found at: https://brauner.github.io/2018/02/20/lxc-removes-legacy-cgroup-drivers.html 7. All legacy configuration keys have been removed. With LXC 2.1.0 we started to print warning when legacy configuration keys were used in the container config and started yelling at people that we will remove legacy configuration keys in LXC 3.0.0. This is now reality. We ship an upgrade script since LXC 2.1: chb@conventiont|~ > lxc-update-config /usr/bin/lxc-update-config -h|--help [-c|--config] config: the container configuration to update which will automatically replace legacy configuration keys with their new counterparts. If the upgrade fails it will have left a *.backup file in the same directory where the config file was and it can simply be restored. Please make sure your users know about this update script. Fwiw, [4] provides a list of all removed legacy configuration keys and their new counterparts. 8. **Warning: Advertisement** for any distro on here that does not already package LXCFS which has been around for a long time they should consider it. It provides a *runtime agnostic* way of partially virtualizing /proc through a minimal multi-threaded fuse filesystem. These mocked files can be overmounted over their /proc counterparts in the container. https://github.com/lxc/lxcfs For a thorough overview over what has changed please see: https://discuss.linuxcontainers.org/t/lxc-3-0-0-has-been-released Thank you all for packaging LXC, LXCFS, and LXD! The LXC team [1]: https://discuss.linuxcontainers.org/t/lxc-3-0-0-has-been-released [2]: https://discuss.linuxcontainers.org/t/lxd-3-0-0-has-been-released [3]: https://brauner.github.io/2018/02/28/lxc-includes-cgroup-pam-module.html [4]: Legacy Key | New Key | Comments -------------------------------------|-------------------------------|--------- lxc.aa_profile | lxc.apparmor.profile | lxc.aa_allow_incomplete | lxc.apparmor.allow_incomplete | lxc.console | lxc.console.path | lxc.devttydir | lxc.tty.dir | lxc.haltsignal | lxc.signal.halt | lxc.id_map | lxc.idmap | lxc.init_cmd | lxc.init.cmd | lxc.init_gid | lxc.init.gid | lxc.init_uid | lxc.init.uid | lxc.kmsg | - | removed lxc.limit | lxc.prlimit | lxc.logfile | lxc.log.file | lxc.loglevel | lxc.log.level | lxc.mount | lxc.mount.fstab | lxc.network | lxc.net | lxc.network. | lxc.net.[i]. | lxc.network.flags | lxc.net.[i].flags | lxc.network.hwaddr | lxc.net.[i].hwaddr | lxc.network.ipv4 | lxc.net.[i].ipv4.address | lxc.network.ipv4.gateway | lxc.net.[i].ipv4.gateway | lxc.network.ipv6 | lxc.net.[i].ipv6.address | lxc.network.ipv6.gateway | lxc.net.[i].ipv6.gateway | lxc.network.link | lxc.net.[i].link | lxc.network.macvlan.mode | lxc.net.[i].macvlan.mode | lxc.network.mtu | lxc.net.[i].mtu | lxc.network.name | lxc.net.[i].name | lxc.network.script.down | lxc.net.[i].script.down | lxc.network.script.up | lxc.net.[i].script.up | lxc.network.type | lxc.net.[i].type | lxc.network.veth.pair | lxc.net.[i].veth.pair | lxc.network.vlan.id | lxc.net.[i].vlan.id | lxc.pivotdir | - | removed lxc.pts | lxc.pty.max | lxc.rebootsignal | lxc.signal.reboot | lxc.rootfs | lxc.rootfs.path | lxc.se_context | lxc.selinux.context | lxc.seccomp | lxc.seccomp.profile | lxc.stopsignal | lxc.signal.stop | lxc.syslog | lxc.log.syslog | lxc.tty | lxc.tty.max | lxc.utsname | lxc.uts.name | [5]: https://github.com/lxc/distrobuilder
signature.asc
Description: PGP signature
_______________________________________________ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
