4月份,LXC发布了LXC 2.0 包含很多新特性,5月16日,LXC 2.0.1发布,修补了一些bug。 LXC 2.0.0 新特性如下: 重要更新: All main LXC commands have now been rewritten in C lxc-ls lxc-device lxc-copy New lxc-copy command taking over the role of lxc-clone and lxc-start-ephemeral Much improved support for checkpoint/restore of containers Completely reworked cgroup handling including support for the cgroup namespace The various command line tools are now much more consistent Re-organized storage backend implementation, including addition of a Ceph RBD backend An enormous amount of bugfixes, most of which will be backported to 1.0 and 1.1 over the next few bugfix releases The C API remains backward compatible with previous versions and is released as 1.2 This release was made possible by contributions (720 commits) from a total of 96 contributors. 更新配置选项 lxc.ephemeral: Controls whether the container is ephemeral and so will be destroyed on shutdown lxc.rebootsignal: Allows to override the signal sent for container reboot lxc.hook.destroy: New hook being called on container destruction lxc.hook.stop: Run in the host context with references to the containers just before namespace teardown lxc.init_uid: Used by lxc-execute to set an alternative user lxc.init_gid: Used by lxc-execute to set an alternative group lxc.monitor.unshare: Allows unsharing the mount namespace prior to running any hook 新特性: API: Add support for get_ips() Add support for get_interfaces() Add support for rename() Support for passing the storage backend to create() New migrate() symbol as an alternative to checkpoint() using a migrate_opts struct to simplify additions API version is 1.2, fully backward compatible with 1.1 and 1.0 new symbols: python3 lua Core: cgfsng: New cgroup backend driver for recent Linux kernel cgroup: Partial support for the new cgroup hierarchy cgroup: Support for the cgroup namespace checkpoint: Support checkpoint/restore of default LXC containers checkpoint: Support checkpoint/restore of unprivileged containers checkpoint: Support for the page server config: lxc.aa_profile: Now supports an "unchanged" value config: lxc.init_cmd: Now supports arguments config: lxc.network.macvlan.mode: Added support for the "passthru" mode config: lxc.rootfs.backend: Allows to override the storage backend (bypasses auto-detection) config: New nesting.conf configuration file to setup container nesting hooks: New LXC_CGNS_AWARE environment variable, set to 1 if LXC supports the cgroup namespace (the kernel however may not) hooks: New LXC_SRC_NAME environment variable is set in clone hook with the original container name hooks: New LXC_TARGET environment variable is set with the container goal (stop or reboot) logging: Updated logging timestamps to be a bit more readable lxc-usernet: Support for containers usning a veth interface without bridging lxc-usernet: Support for group-based quotas (use the @ prefix) network: The bridge interface MTU is now used as the default container interface MTU start: The process title is now renamed to be easier to read storage: New Ceph RBD storage backend Documentation: Korean translation of all the man pages Commands: lxc-attach: Use an intermediate pts device to prevent attacks against the parent shell lxc-clone: Support for renaming containers lxc-start-ephemeral: Support for changing bind-mount targets Init systems: systemd: Support for instanced service units Templates New ALTLinux template New Slackware template New SPARCLinux template alpine: Support installing extra packages debian: Default to just "main" enabled, allow enabling other repositories through argument oracle: Set the timezone in the container openssh: Add OpenSSH support ubuntu: New -v option allowing the user to set the debootstrap variant ubuntu-cloud: Support for vendor-data passthrough LXC 2.0.1 改进的地方如下: bug修复: apparmor: Also allow fstype=fuse for fuse filesystems attach: adapt lxc-attach tests & add test for pty logging attach: don't fail attach on failure to setup a SIGWINCH handler. attach: fix a variety of lxc-attach pts handling issues attach: switch console pty to raw mode (fixes ncurses-based programs) attach: use raw settings of ssh for pty bindings: fixed python-lxc reference to var before assignment in create() bindings: set PyErr when Container.__init__ fails cgfsng: defer to cgfs if needed subsystems are not available cgfsng: don't require that systemd subsystem be mounted core: Added missing type to keys in lxc_list_nicconfigs core: Allow configuration file values to be quoted core: log: remove duplicate definitons and bump buffer size core: sync: properly fail on unexpected message sizes core: Unshare netns after setting the userns mappings (fixes ownership of /proc/net) core: various fixes as reported by static analysis c/r: add an option to use faster inotify support in CRIU c/r: rearrange things to pass struct migrate_opts all the way down doc: ignore temporary files generated by doxygen doc: tweak manpage generation date to be compatible with reproducible builds doc: update MAINTAINERS doc: update to translated manpages init: add missing lsb headers to sysvinit scripts init: don't make sysv init scripts dependant on distribution specifics init: drop obsolete syslog.target from lxc.service.in lxc-attach: add logging option to manpage lxc-checkconfig: better render when stdout isn't a terminal lxc-create: fix -B best option lxc-destroy: avoid double print lxc-ls: use fewer syscalls when doing ipc templates: Add apt-transport-https to minbase variant of Ubuntu template templates: fix a typo in the capabilities name for Gentoo (sys_resource) templates: logic fix in the Centos template for RHEL7+ support templates: tweak Alpine DHCP configuration to send its hostname templates: tweak to network configuration of the Oracle template LXC 2.0.0/2.0.1 发布,Linux 容器工具下载地址
