The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/linuxcontainers.org/pull/402
This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === Signed-off-by: KATOH Yasufumi <ka...@jazz.email.ne.jp>
From 6a02b43609ea148c34ce105ad2e0f8926237059c Mon Sep 17 00:00:00 2001 From: KATOH Yasufumi <ka...@jazz.email.ne.jp> Date: Fri, 3 Apr 2020 02:30:36 +0900 Subject: [PATCH] Add Japanese release announcement of LXD 4.0 LTS Signed-off-by: KATOH Yasufumi <ka...@jazz.email.ne.jp> --- content/lxd/news.ja/lxd-4.0.0.yaml | 1079 ++++++++++++++++++++++++++++ 1 file changed, 1079 insertions(+) create mode 100644 content/lxd/news.ja/lxd-4.0.0.yaml diff --git a/content/lxd/news.ja/lxd-4.0.0.yaml b/content/lxd/news.ja/lxd-4.0.0.yaml new file mode 100644 index 0000000..3f4ab62 --- /dev/null +++ b/content/lxd/news.ja/lxd-4.0.0.yaml @@ -0,0 +1,1079 @@ +title: LXD 4.0 LTS リリースのお知らせ +date: 2020/03/31 23:03 +origin: https://discuss.linuxcontainers.org/t/lxd-4-0-lts-has-been-released/7231 +content: |- + ### はじめに <!-- Introduction --> + <!-- + The LXD team is very excited to announce the release of LXD 4.0 LTS! + --> + LXD チームは、LXD 4.0 LTS のリリースをお知らせすることにとてもワクワクしています! + + <!-- + This is the 3rd LTS release for LXD and a very busy and exciting one! + The changelog below is split so that both users of LXD 3.23 and LXD 3.0 can see what we have in store for them. + --> + これは LXD の 3 つめの LTS リリースです。とても忙しく、そしてエキサイティングです! + あとの ChangeLog は、LXD 3.23 ユーザーと 3.0 ユーザーの両方が私たちが準備したものを見れるように分けています。 + + <!-- + As with all our other LTS releases, this one will be supported for 5 years (June 2025) and will receive a number of bugfix and security point releases over that time. + --> + 私たちの他の LTS リリースと同様に、このリリースも 5 年間(2025 年 6 月まで)サポートされます。その間に多数のバグフィックスとセキュリティのポイントリリースが行われます。 + + <!-- + As for LXD 3.0, we're hoping to release one last bugfix release as 3.0.5 in the near future before we enter security-only maintenance mode for its remaining 3 years. + --> + LXD 3.0 に関しては、残り 3 年間のセキュリティ fix のみのメンテナンスモードに入る前の近いうちに、最後のバグフィックスリリースを 3.0.5 としてリリースしたいと思っています。 + + Enjoy! + + ### 互換性のない変更 <!-- Breaking changes --> + #### `--container-only` の削除と、`--instance-only` への置き換え <!-- Removal of `--container-only`, replaced by `--instance-only` --> + <!-- + Our only CLI breaking changes with this release is the replacement of `--container-only` by `--instance-only`. Those following the feature releases will have had both supported for a few months now. With the 4.0 release, we're removing the deprecated ones. + --> + このリリースでの CLI の互換性のない変更は `--container-only` を `--instance-only` に置き換えるものだけです。フィーチャーリリースでは数ヶ月の間は両方をサポートします。4.0 リリースでは、非推奨の機能は削除されます。 + + ### 3.23 ユーザー向けのハイライト <!-- Highlights for 3.23 users --> + #### virtual machines: バックアップサポート(import/export)<!-- Support for backup (import/export) --> + <!-- + It is now possible to use `lxc export` and `lxc import` with virtual machines. + --> + `lxc export` と `lxc import` が仮想マシンで使えるようになりました。 + + <!-- + A word of caution however. Virtual machines, unlike containers are only accessible as a large block device. This means that several GB of data will need to be read and compressed, no matter how much is actually used inside the VM. + --> + しかし、注意点があります。仮想マシンはコンテナとは異なり、大きなブロックデバイスとしてしかアクセスできません。これは、VM 内で実際にどれだけの容量が使われていたとしても、数 GB のデーターを読み込み圧縮する必要があるということです。 + + <!-- + This can lead to long export times and similarly long import times. + --> + つまりエクスポートもインポートも長い時間がかかる可能性があるということです。 + + <!-- + Doing so with `--optimized` on a backend like ZFS should considerably reduce the export time, assuming the backup is to be imported on a storage pool of the same type. + --> + ZFS のようなバックエンドで `--optimized` オプションを使うと、同じタイプのストレージプールにインポートするなら、エクスポートの時間を大幅に短縮できるでしょう。 + + #### resources: リソース API の PCI、USB デバイス <!-- PCI and USB devices in the resource API --> + <!-- + The resources API (`/1.0/resources`) has been extended with a list of all PCI and USB devices on the system. This is of particular use when dealing with VFIO passthrough to virtual machines or passing through USB devices to containers. + --> + リソース API(`/1.0/resources`)が拡張され、システム上の PCI、USB デバイスが表示されるようになりました。これは特に、仮想マシンで VFIO パススルーや、コンテナで USB デバイスを扱う場合に有用です。 + + + stgraber@castiana:~$ lxc query /1.0/resources | jq .pci + { + "devices": [ + { + "driver": "skl_uncore", + "driver_version": "5.4.0-18-generic", + "numa_node": 0, + "pci_address": "0000:00:00.0", + "product": "Xeon E3-1200 v6/7th Gen Core Processor Host Bridge/DRAM Registers", + "product_id": "5904", + "vendor": "Intel Corporation", + "vendor_id": "8086" + }, + { + "driver": "i915", + "driver_version": "5.4.0-18-generic", + "numa_node": 0, + "pci_address": "0000:00:02.0", + "product": "HD Graphics 620", + "product_id": "5916", + "vendor": "Intel Corporation", + "vendor_id": "8086" + }, + { + "driver": "", + "driver_version": "", + "numa_node": 0, + "pci_address": "0000:00:08.0", + "product": "Xeon E3-1200 v5/v6 / E3-1500 v5 / 6th/7th/8th Gen Core Processor Gaussian Mixture Model", + "product_id": "1911", + "vendor": "Intel Corporation", + "vendor_id": "8086" + }, + { + "driver": "xhci_hcd", + "driver_version": "5.4.0-18-generic", + "numa_node": 0, + "pci_address": "0000:00:14.0", + "product": "Sunrise Point-LP USB 3.0 xHCI Controller", + "product_id": "9d2f", + "vendor": "Intel Corporation", + "vendor_id": "8086" + }, + { + "driver": "intel_pch_thermal", + "driver_version": "5.4.0-18-generic", + "numa_node": 0, + "pci_address": "0000:00:14.2", + "product": "Sunrise Point-LP Thermal subsystem", + "product_id": "9d31", + "vendor": "Intel Corporation", + "vendor_id": "8086" + }, + { + "driver": "mei_me", + "driver_version": "5.4.0-18-generic", + "numa_node": 0, + "pci_address": "0000:00:16.0", + "product": "Sunrise Point-LP CSME HECI #1", + "product_id": "9d3a", + "vendor": "Intel Corporation", + "vendor_id": "8086" + }, + { + "driver": "pcieport", + "driver_version": "5.4.0-18-generic", + "numa_node": 0, + "pci_address": "0000:00:1c.0", + "product": "Sunrise Point-LP PCI Express Root Port #1", + "product_id": "9d10", + "vendor": "Intel Corporation", + "vendor_id": "8086" + }, + { + "driver": "pcieport", + "driver_version": "5.4.0-18-generic", + "numa_node": 0, + "pci_address": "0000:00:1c.2", + "product": "Sunrise Point-LP PCI Express Root Port #3", + "product_id": "9d12", + "vendor": "Intel Corporation", + "vendor_id": "8086" + }, + { + "driver": "pcieport", + "driver_version": "5.4.0-18-generic", + "numa_node": 0, + "pci_address": "0000:00:1c.4", + "product": "Sunrise Point-LP PCI Express Root Port #5", + "product_id": "9d14", + "vendor": "Intel Corporation", + "vendor_id": "8086" + }, + { + "driver": "pcieport", + "driver_version": "5.4.0-18-generic", + "numa_node": 0, + "pci_address": "0000:00:1d.0", + "product": "Sunrise Point-LP PCI Express Root Port #9", + "product_id": "9d18", + "vendor": "Intel Corporation", + "vendor_id": "8086" + }, + { + "driver": "", + "driver_version": "", + "numa_node": 0, + "pci_address": "0000:00:1f.0", + "product": "Sunrise Point LPC Controller/eSPI Controller", + "product_id": "9d4e", + "vendor": "Intel Corporation", + "vendor_id": "8086" + }, + { + "driver": "", + "driver_version": "", + "numa_node": 0, + "pci_address": "0000:00:1f.2", + "product": "Sunrise Point-LP PMC", + "product_id": "9d21", + "vendor": "Intel Corporation", + "vendor_id": "8086" + }, + { + "driver": "snd_hda_intel", + "driver_version": "5.4.0-18-generic", + "numa_node": 0, + "pci_address": "0000:00:1f.3", + "product": "Sunrise Point-LP HD Audio", + "product_id": "9d71", + "vendor": "Intel Corporation", + "vendor_id": "8086" + }, + { + "driver": "i801_smbus", + "driver_version": "5.4.0-18-generic", + "numa_node": 0, + "pci_address": "0000:00:1f.4", + "product": "Sunrise Point-LP SMBus", + "product_id": "9d23", + "vendor": "Intel Corporation", + "vendor_id": "8086" + }, + { + "driver": "e1000e", + "driver_version": "3.2.6-k", + "numa_node": 0, + "pci_address": "0000:00:1f.6", + "product": "Ethernet Connection (4) I219-LM", + "product_id": "15d7", + "vendor": "Intel Corporation", + "vendor_id": "8086" + }, + { + "driver": "rtsx_pci", + "driver_version": "5.4.0-18-generic", + "numa_node": 0, + "pci_address": "0000:02:00.0", + "product": "RTS525A PCI Express Card Reader", + "product_id": "525a", + "vendor": "Realtek Semiconductor Co., Ltd.", + "vendor_id": "10ec" + }, + { + "driver": "iwlwifi", + "driver_version": "5.4.0-18-generic", + "numa_node": 0, + "pci_address": "0000:04:00.0", + "product": "Wireless 8265 / 8275", + "product_id": "24fd", + "vendor": "Intel Corporation", + "vendor_id": "8086" + }, + { + "driver": "nvme", + "driver_version": "1.0", + "numa_node": 0, + "pci_address": "0000:05:00.0", + "product": "SSD 600P Series", + "product_id": "f1a5", + "vendor": "Intel Corporation", + "vendor_id": "8086" + }, + { + "driver": "pcieport", + "driver_version": "5.4.0-18-generic", + "numa_node": 0, + "pci_address": "0000:06:00.0", + "product": "JHL6540 Thunderbolt 3 Bridge (C step) [Alpine Ridge 4C 2016]", + "product_id": "15d3", + "vendor": "Intel Corporation", + "vendor_id": "8086" + }, + { + "driver": "pcieport", + "driver_version": "5.4.0-18-generic", + "numa_node": 0, + "pci_address": "0000:07:00.0", + "product": "JHL6540 Thunderbolt 3 Bridge (C step) [Alpine Ridge 4C 2016]", + "product_id": "15d3", + "vendor": "Intel Corporation", + "vendor_id": "8086" + }, + { + "driver": "pcieport", + "driver_version": "5.4.0-18-generic", + "numa_node": 0, + "pci_address": "0000:07:01.0", + "product": "JHL6540 Thunderbolt 3 Bridge (C step) [Alpine Ridge 4C 2016]", + "product_id": "15d3", + "vendor": "Intel Corporation", + "vendor_id": "8086" + }, + { + "driver": "pcieport", + "driver_version": "5.4.0-18-generic", + "numa_node": 0, + "pci_address": "0000:07:02.0", + "product": "JHL6540 Thunderbolt 3 Bridge (C step) [Alpine Ridge 4C 2016]", + "product_id": "15d3", + "vendor": "Intel Corporation", + "vendor_id": "8086" + }, + { + "driver": "pcieport", + "driver_version": "5.4.0-18-generic", + "numa_node": 0, + "pci_address": "0000:07:04.0", + "product": "JHL6540 Thunderbolt 3 Bridge (C step) [Alpine Ridge 4C 2016]", + "product_id": "15d3", + "vendor": "Intel Corporation", + "vendor_id": "8086" + }, + { + "driver": "thunderbolt", + "driver_version": "5.4.0-18-generic", + "numa_node": 0, + "pci_address": "0000:08:00.0", + "product": "JHL6540 Thunderbolt 3 NHI (C step) [Alpine Ridge 4C 2016]", + "product_id": "15d2", + "vendor": "Intel Corporation", + "vendor_id": "8086" + }, + { + "driver": "pcieport", + "driver_version": "5.4.0-18-generic", + "numa_node": 0, + "pci_address": "0000:09:00.0", + "product": "JHL6540 Thunderbolt 3 Bridge (C step) [Alpine Ridge 4C 2016]", + "product_id": "15d3", + "vendor": "Intel Corporation", + "vendor_id": "8086" + }, + { + "driver": "pcieport", + "driver_version": "5.4.0-18-generic", + "numa_node": 0, + "pci_address": "0000:0a:00.0", + "product": "JHL6540 Thunderbolt 3 Bridge (C step) [Alpine Ridge 4C 2016]", + "product_id": "15d3", + "vendor": "Intel Corporation", + "vendor_id": "8086" + }, + { + "driver": "pcieport", + "driver_version": "5.4.0-18-generic", + "numa_node": 0, + "pci_address": "0000:0a:01.0", + "product": "JHL6540 Thunderbolt 3 Bridge (C step) [Alpine Ridge 4C 2016]", + "product_id": "15d3", + "vendor": "Intel Corporation", + "vendor_id": "8086" + }, + { + "driver": "pcieport", + "driver_version": "5.4.0-18-generic", + "numa_node": 0, + "pci_address": "0000:0a:02.0", + "product": "JHL6540 Thunderbolt 3 Bridge (C step) [Alpine Ridge 4C 2016]", + "product_id": "15d3", + "vendor": "Intel Corporation", + "vendor_id": "8086" + }, + { + "driver": "pcieport", + "driver_version": "5.4.0-18-generic", + "numa_node": 0, + "pci_address": "0000:0a:04.0", + "product": "JHL6540 Thunderbolt 3 Bridge (C step) [Alpine Ridge 4C 2016]", + "product_id": "15d3", + "vendor": "Intel Corporation", + "vendor_id": "8086" + }, + { + "driver": "ahci", + "driver_version": "3.0", + "numa_node": 0, + "pci_address": "0000:0b:00.0", + "product": "", + "product_id": "0622", + "vendor": "ASMedia Technology Inc.", + "vendor_id": "1b21" + }, + { + "driver": "xhci_hcd", + "driver_version": "5.4.0-18-generic", + "numa_node": 0, + "pci_address": "0000:0c:00.0", + "product": "FL1100 USB 3.0 Host Controller", + "product_id": "1100", + "vendor": "Fresco Logic", + "vendor_id": "1b73" + }, + { + "driver": "atlantic", + "driver_version": "5.4.0-18-generic-kern", + "numa_node": 0, + "pci_address": "0000:0d:00.0", + "product": "AQC107 NBase-T/IEEE 802.3bz Ethernet Controller [AQtion]", + "product_id": "87b1", + "vendor": "Aquantia Corp.", + "vendor_id": "1d6a" + } + ], + "total": 32 + } + + stgraber@castiana:~$ lxc query /1.0/resources | jq .usb + { + "devices": [ + { + "bus_address": 1, + "device_address": 4, + "interfaces": [ + { + "class": "Wireless", + "class_id": 224, + "driver": "btusb", + "driver_version": "0.8", + "number": 0, + "subclass": "Radio Frequency", + "subclass_id": 1 + }, + { + "class": "Wireless", + "class_id": 224, + "driver": "btusb", + "driver_version": "0.8", + "number": 1, + "subclass": "Radio Frequency", + "subclass_id": 1 + } + ], + "product": "", + "product_id": "0a2b", + "speed": 12, + "vendor": "Intel Corp.", + "vendor_id": "8087" + }, + { + "bus_address": 1, + "device_address": 3, + "interfaces": [ + { + "class": "Video", + "class_id": 14, + "driver": "uvcvideo", + "driver_version": "1.1.1", + "number": 0, + "subclass": "Video Control", + "subclass_id": 1 + }, + { + "class": "Video", + "class_id": 14, + "driver": "uvcvideo", + "driver_version": "1.1.1", + "number": 1, + "subclass": "Video Streaming", + "subclass_id": 2 + } + ], + "product": "Integrated Camera", + "product_id": "b5ce", + "speed": 480, + "vendor": "Chicony Electronics Co., Ltd", + "vendor_id": "04f2" + }, + { + "bus_address": 3, + "device_address": 2, + "interfaces": [ + { + "class": "Audio", + "class_id": 1, + "driver": "snd-usb-audio", + "driver_version": "5.4.0-18-generic", + "number": 0, + "subclass": "Control Device", + "subclass_id": 1 + }, + { + "class": "Audio", + "class_id": 1, + "driver": "snd-usb-audio", + "driver_version": "5.4.0-18-generic", + "number": 1, + "subclass": "Streaming", + "subclass_id": 2 + }, + { + "class": "Audio", + "class_id": 1, + "driver": "snd-usb-audio", + "driver_version": "5.4.0-18-generic", + "number": 2, + "subclass": "Streaming", + "subclass_id": 2 + }, + { + "class": "Human Interface Device", + "class_id": 3, + "driver": "usbhid", + "driver_version": "5.4.0-18-generic", + "number": 3, + "subclass": "", + "subclass_id": 0 + } + ], + "product": "TX42C500", + "product_id": "4933", + "speed": 12, + "vendor": "Realtek Semiconductor Corp.", + "vendor_id": "0bda" + }, + { + "bus_address": 3, + "device_address": 13, + "interfaces": [ + { + "class": "Video", + "class_id": 14, + "driver": "uvcvideo", + "driver_version": "1.1.1", + "number": 0, + "subclass": "Video Control", + "subclass_id": 1 + }, + { + "class": "Video", + "class_id": 14, + "driver": "uvcvideo", + "driver_version": "1.1.1", + "number": 1, + "subclass": "Video Streaming", + "subclass_id": 2 + }, + { + "class": "Audio", + "class_id": 1, + "driver": "snd-usb-audio", + "driver_version": "5.4.0-18-generic", + "number": 2, + "subclass": "Control Device", + "subclass_id": 1 + }, + { + "class": "Audio", + "class_id": 1, + "driver": "snd-usb-audio", + "driver_version": "5.4.0-18-generic", + "number": 3, + "subclass": "Streaming", + "subclass_id": 2 + } + ], + "product": "HD Pro Webcam C920", + "product_id": "082d", + "speed": 480, + "vendor": "Logitech, Inc.", + "vendor_id": "046d" + }, + { + "bus_address": 3, + "device_address": 16, + "interfaces": [ + { + "class": "Human Interface Device", + "class_id": 3, + "driver": "usbhid", + "driver_version": "5.4.0-18-generic", + "number": 0, + "subclass": "", + "subclass_id": 0 + }, + { + "class": "Chip/SmartCard", + "class_id": 11, + "driver": "usbfs", + "driver_version": "5.4.0-18-generic", + "number": 1, + "subclass": "", + "subclass_id": 0 + } + ], + "product": "YubiKey FIDO+CCID", + "product_id": "0406", + "speed": 12, + "vendor": "Yubico.com", + "vendor_id": "1050" + }, + { + "bus_address": 3, + "device_address": 17, + "interfaces": [ + { + "class": "Human Interface Device", + "class_id": 3, + "driver": "usbhid", + "driver_version": "5.4.0-18-generic", + "number": 0, + "subclass": "Boot Interface Subclass", + "subclass_id": 1 + }, + { + "class": "Human Interface Device", + "class_id": 3, + "driver": "usbhid", + "driver_version": "5.4.0-18-generic", + "number": 1, + "subclass": "Boot Interface Subclass", + "subclass_id": 1 + } + ], + "product": "ThinkPad Compact USB Keyboard with TrackPoint", + "product_id": "6047", + "speed": 12, + "vendor": "Lenovo", + "vendor_id": "17ef" + } + ], + "total": 6 + } + + + #### network: 複数の ipvlan NIC デバイスのサポート <!-- Support for multiple ipvlan NIC devices --> + <!-- + Multiple ipvlan devices can now be added to the same container provided that one of them has `ipv4.gateway` and/or `ipv6.gateway` set to `none`. + --> + 複数の ipvlan デバイスの `ipv4.gateway` と `ipv6.gateway` の両方もしくは片方が `none` に設定されている場合、複数の ipvlan デバイスを同じコンテナに追加できるようになりました。 + + #### network: routed NIC のホスト側アドレス設定のサポート <!-- Support for host addresses on routed NIC --> + <!-- + The host side address on `routed` nics can now be configured through the `ipv4.host_address` and `ipv6.host_address` properties. + --> + `routed` NIC のホスト側のアドレスは `ipv4.host_address` と `ipv6.host_address` プロパティで設定できるようになりました。 + + #### clustering: クラスターロール編集のサポート <!-- Support for editing cluster roles --> + <!-- + A new `lxc cluster edit` command allows for editing clustering roles. + --> + 新たに `lxc cluster edit` コマンドでクラスターのロールを編集できるようになりました。 + + <!-- + It's worth noting that there currently are no writable roles, but we expect to be adding some in the near future which will then be manageable through this API and command. + --> + 現時点では書き込みできるロールがないので意味がないのですが、近いうちにいくつかロールを追加し、API とコマンドで管理できるようになるにする予定です。 + + #### instances: カスタムボリュームのディスク使用量 <!-- Disk usage for custom volumes --> + <!-- + Containers with custom storage volumes attached to them will now report those volume's usage in the state API (and through `lxc info`): + --> + カスタムボリュームをアタッチしているコンテナが、state API (と `lxc info`)経由でボリュームの使用量をレポートするようになりました。 + + stgraber@castiana:~$ lxc launch images:ubuntu/bionic c1 + Creating c1 + Starting c1 + + stgraber@castiana:~$ lxc storage volume create default vol1 + Storage volume vol1 created + stgraber@castiana:~$ lxc storage volume create default vol2 + Storage volume vol2 created + + stgraber@castiana:~$ lxc storage volume attach default vol1 c1 vol1 /mnt/vol1 + stgraber@castiana:~$ lxc storage volume attach default vol2 c1 vol2 /mnt/vol2 + + stgraber@castiana:~$ lxc info c1 + Name: c1 + Location: none + Remote: unix:// + Architecture: x86_64 + Created: 2020/04/01 00:00 UTC + Status: Running + Type: container + Profiles: default + Pid: 1439012 + Ips: + eth0: inet 10.166.11.66 veth12c5ea18 + eth0: inet6 fd42:4c81:5770:1eaf:216:3eff:fee2:43b6 veth12c5ea18 + eth0: inet6 fe80::216:3eff:fee2:43b6 veth12c5ea18 + lo: inet 127.0.0.1 + lo: inet6 ::1 + Resources: + Processes: 14 + Disk usage: + root: 1.11MB + vol1: 98.30kB + vol2: 98.30kB + CPU usage: + CPU usage (in seconds): 0 + Memory usage: + Memory (current): 46.94MB + Network usage: + eth0: + Bytes received: 3.06kB + Bytes sent: 2.93kB + Packets received: 22 + Packets sent: 28 + lo: + Bytes received: 0B + Bytes sent: 0B + Packets received: 0 + Packets sent: 0 + + #### instances: スナップショットのディスク使用量 <!-- Disk usage for snapshots --> + <!-- + The API now exposes the size of each individual snapshots. + --> + API でスナップショットごとのそれぞれのサイズを取得できるようになりました。 + + stgraber@castiana:~$ lxc snapshot c1 + stgraber@castiana:~$ lxc query /1.0/instances/c1/snapshots/snap0 | jq .size + 61440 + + <!-- + This will soon be displayed in `lxc info` once it's gone through a redesign. + --> + これは再設計が済むとすぐに `lxc info` で表示されるようになるでしょう。 + + #### auth: パスワード不要の PKI モードのサポート <!-- Support for passwordless PKI mode --> + <!-- + For those using LXD with a managed PKI, it is now possible to configure LXD to automatically trust any client certificate signed by the CA. + --> + 管理された PKI を使って LXD を使う場合、その CA が署名したクライアント証明書であれば自動的に信頼するように LXD を設定できるようになりました。 + + <!-- + This is done with `core.trust_ca_certificates`. + --> + これは `core.trust_ca_certificates` で設定します。 + + <!-- + To handle revocation, LXD also now accepts a CRL which should be placed alongside `server.ca` as `server.crl`. + --> + revoke を扱うため、`server.ca` と同時に設定する `server.crl` を CRL として受け入れます。 + + ### 3.0 ユーザー向けのハイライト <!-- Highlights for 3.0 users --> + <!-- + In addition to the features and changes listed above, those who were using the LXD 3.0 LTS branch have the following "new" features to look forward to: + --> + 上記の機能と変更点に加えて、LXD 3.0 ブランチのユーザーは、以下の「新しい」機能が期待できるでしょう: + + #### 仮想マシン <!-- Virtual machines --> + <!-- + LXD can now run both containers and virtual machines. + --> + LXD はコンテナと仮想マシンの両方を実行できるようになりました。 + + <!-- + The experience and configuration works in much the same way though some device types and configuration options aren't available for virtual machines yet. + --> + デバイスや設定オプションによっては仮想マシンではまだ設定できないものがありますが、使い方や設定方法は同じように動作します。 + + <!-- + Some operations are performed through an agent running in the virtual machine (`lxc exec` and `lxc file`). The agent comes pre-installed in the majority of our images. + --> + 操作によっては仮想マシン内で動作するエージェントが実行します(`lxc exec` と `lxc file`)。プロジェクトで作成したイメージのほとんどはエージェントがあらかじめインストールされています。 + + <!-- + To create a virtual machine rather than a container, simply pass `--vm` to `lxc launch` + --> + コンテナではなく仮想マシンを作成するのであれば、シンプルに `lxc launch` に `--vm` オプションを指定します。 + + <!-- + VM images are now available for most commonly used Linux distributions with plans to add more in the future. + --> + VM イメージは主要なよく使われる Linux ディストリビューションのものが準備されており、将来的にも更に追加する予定です。 + + stgraber@castiana:~$ lxc launch images:centos/8 centos-8 --vm + Creating centos-8 + Starting centos-8 + + stgraber@castiana:~$ lxc info centos-8 + Name: centos-8 + Location: none + Remote: unix:// + Architecture: x86_64 + Created: 2020/03/31 23:48 UTC + Status: Running + Type: virtual-machine + Profiles: default + Pid: 1426453 + Ips: + enp5s0: inet 10.166.11.125 + enp5s0: inet6 fd42:4c81:5770:1eaf:1c5b:d0a1:d892:5464 + enp5s0: inet6 fe80::9bbf:7460:2ad0:6a9 + lo: inet 127.0.0.1 + lo: inet6 ::1 + Resources: + Processes: 12 + Disk usage: + root: 6.65MB + CPU usage: + CPU usage (in seconds): 5 + Memory usage: + Memory (current): 123.94MB + Memory (peak): 115.95MB + Network usage: + enp5s0: + Bytes received: 2.55kB + Bytes sent: 2.32kB + Packets received: 21 + Packets sent: 20 + lo: + Bytes received: 0B + Bytes sent: 0B + Packets received: 0 + Packets sent: 0 + + stgraber@castiana:~$ lxc exec centos-8 bash + [root@centos-8 ~]# cat /etc/redhat-release + CentOS Linux release 8.1.1911 (Core) + [root@centos-8 ~]# uname -a + Linux centos-8 4.18.0-147.5.1.el8_1.centos.plus.x86_64 #1 SMP Thu Feb 6 10:31:58 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux + [root@centos-8 ~]# + + #### プロジェクト <!-- Projects --> + <!-- + Projects are a way to segment your LXD server. + Each project can contain its own set of instances, images, profiles and storage volumes. + --> + プロジェクトは LXD サーバーを分割する方法です。 + プロジェクトはそれぞれ自身のインスタンス、イメージ、プロファイル、ストレージボリュームを持つことができます。 + + <!-- + Those various features can be enabled/disabled on a per-project basis. If disable, the project inherit from the `default` project. + --> + これらのさまざまな機能はプロジェクトごとに有効化・無効化できます。無効にした場合、プロジェクトは `default` プロジェクトから継承します。 + + <!-- + On top of this, there is support for both restrictions (disabling particular device types, privileged containers, ...) and limits (limiting the amount of CPU, memory and instance count). + --> + これに加え、プロジェクトは制約(restriction / 特定のデバイスタイプや特権コンテナの無効化など)と制限(limit / CPU、メモリー、インスタンス数の制限)をサポートしています。 + + #### インスタンス <!-- Instances --> + + - コンテナ上でのシステムコールインターセプション <!-- System call interception on containers --> + - 限られた `mknod` がコンテナ内で可能 <!-- Allows for limited `mknod` in containers --> + - 限られた `setxattr` がコンテナ内で可能 <!-- Allows for limited `setxattr` in containers --> + - 特権が必要なファイルシステムのマウントを許可するために使用可能 <!-- Can be used to allow mounting of privileged filesystems --> + - 一部のファイルシステムマウントを FUSE にリダイレクトするために使用可能 <!-- Can be used to redirect some filesystem mounts to FUSE --> + - バックアップ・リストア機能の追加(`lxc export` と `lxc import`)<!-- Addition of a backup/restore feature (`lxc export` and `lxc import`) --> + - ストレージプール間のインスタンスのコピー・移動 <!-- Copy/move instances between storage pools --> + - `lxc copy --refresh` を使った(ローカル、リモートの)インスタンスコピーのリフレッシュ(訳注: 差分コピー) <!-- Refresh of an instance copy (local or remote) with `lxc copy --refresh` --> + - 予想外の削除や id シフトからの保護(`security.protection.delete` と `security.protection.shift`) <!-- Protection against accidental deletion and shift (`security.protection.delete` and `security.protection.shift`) --> + - `shiftfs` のサポート追加。可能な場合には `shiftfs` を使用し従来の id シフトを置き換える <!-- `shiftfs` is now supported and used when available (replaces traditional shifting) --> + - 自動化されたスナップショットと expire <!-- Automated snapshots and expiration --> + - 新しい `unix-hotplug` デバイスタイプ(`unix-char` や `unix-block` と同様のもの) <!-- New `unix-hotplug` device type (similar to `unix-char` and `unix-block`) --> + - `usb` デバイスの改良: <!-- `usb` device improvements: --> + - 追加・削除の uevent がコンテナに転送されるようになりました <!-- The add/remove uevent is now forwarded to the container --> + - すべての USB デバイスを渡すことができます <!-- It is possible to pass all USB devices --> + - `proxy` デバイスの改良: <!-- `proxy` device improvements: --> + - 特権を落とすオプション(`security.uid` and `security.gid`)<!-- Privileged dropping options (`security.uid` and `security.gid`) --> + - ソケットの所有権のオプション(`uid`, `gid`, `mode`) <!-- Socket ownership options (`uid`, `gid`, `mode`) --> + - HAProxy タイプヘッダーのサポート(`proxy_protocol`) <!-- Support for HAProxy type header (`proxy_protocol`) --> + - 使用可能な場合 NAT を使った高速なプロキシー(`nat`) <!-- Fast proxying using NAT when available (`nat`) --> + - UDP、UNIX ソケットのサポート。UDP、TCP を使っている場合のポートの範囲 <!-- Support for unix socket, udp and port ranges on udp and tcp --> + - `disk` デバイスの改良: <!-- `disk` device improvements: --> + - Ceph rbd/fs ディスクの直接コンテナへのアタッチ <!-- Direct attach of Ceph rbd/fs disks to containers --> + - カスタムのマウントオプション <!-- Custom mount options --> + - コンテナが読めるものへの uid/gid の変換のための `shift` プロパティ <!-- `shift` property to translate uid/gid into container-readable ones --> + - `nic` デバイスの改良: <!-- `nic` device improvements: --> + - 新しい `ipvlan` nic タイプ <!-- New `ipvlan` nictype --> + - 新しい `routed` nic タイプ <!-- New `routed` nictype --> + - `ipv4.routes` と `ipv6.routes` プロパティ <!-- `ipv4.routes` and `ipv6.routes` properties --> + - 簡単に LXD が管理するネットワークに接続するための `network` プロパティ <!-- `network` property to easily connect to LXD managed networks --> + - セキュリティフィルタリングオプション <!-- Scurity filtering options --> + - SR-IOV デバイスでの VLAN と MAC フィルタリング <!-- VLAN & MAC filtering on SR-IOV devices --> + + #### ネットワーク <!-- Network --> + + - 設定可能な NAT ソースアドレス(`ipv4.nat.address` and `ipv6.nat.address`)<!-- Configurable NAT source address (`ipv4.nat.address` and `ipv6.nat.address`) --> + - DHCP リース API と `lxc network list-leases` コマンド <!-- DHCP leases API and `lxc network list-leases` command --> + - ネットワーク状態に関する API と `lxc network info` コマンド <!-- Network state API and `lxc network info` command --> + - LXD が管理するネットワークでの設定可能な MAC アドレス(`bridge.hwaddr`) <!-- Configurable MAC address on managed networks (`bridge.hwaddr`) --> + - ファイアウォールのルール順がコントロール可能に(`ipv4.nat.order` and `ipv6.nat.order`) <!-- Control on firewall rule application order (`ipv4.nat.order` and `ipv6.nat.order`) --> + + #### ストレージ <!-- Storage --> + + - スクラッチから書き直した新しい内部ストレージレイヤー <!-- New internal storage layer rewritten from scratch --> + - 新しい `cephfs` ストレージバックエンド <!-- New `cephfs` storage backend --> + - バックアップとイメージをストレージプール内に保存可能に <!-- Backups and images can now be stored inside a storage pool --> + - カスタムストレージボリュームのスナップショット(スケジューリングと expire 処理を含む)<!-- Custom storage volume snapshots (including scheduling & expiry) --> + - LVM ストライピングサポート <!-- LVM striping support --> + - Ceph でメタデータとデータプールの分離 <!-- Separate metadata and data pools for Ceph --> + - `dir` バックエンドで ext4/xfs の "project quotas" 機能を使ったクォータ <!-- Quotas on `dir` backend through ext4/xfs "project quotas" --> + - カスタムストレージボリュームの `security.shifted` プロパティ <!-- `security.shifted` property on custom storage volumes --> + + #### イメージ <!-- Images --> + + - ネストした LXD でホストからイメージを取得するための API(`security.devlxd.images`) <!-- API for nested LXD to fetch images from the host (`security.devlxd.images`) --> + - 新たに作成するイメージで `squashfs` 圧縮のサポート <!-- `squashfs` compression support for new images --> + - プロファイルをイメージに結びつけることが可能に <!-- Profiles can now be tied to images --> + - イメージの expire 時期を変更できるように <!-- Image expiry can now be changed --> + + #### クラスターの改良 <!-- Clustering improvements --> + + - スタンバイデータベースノードのサポート <!-- Support for standby database nodes --> + - データベース数とスタンバイノードの数が設定可能 <!-- Configurable number of database & standby nodes --> + - アーキテクチャー混在のクラスターリング <!-- Mixed architecture clustering --> + - クラスターリングのロール <!-- Clustering roles --> + - 新たな簡素化されたクラスター追加 API <!-- New simplified cluster join API --> + - クライアントとクラスター用トラフィックのアドレスの分離 <!-- Separate addresses for client and cluster traffic --> + - 自動イメージレプリケーション <!-- Automatic image replication --> + + #### CLI + + - `lxc list` と `lxc image list` の新しいカラム <!-- New columns in `lxc list` and `lxc image list` --> + - 新たに `lxc alias` コマンドを追加 <!-- New `lxc alias` command --> + - `list` コマンド全体を通して `--format` オプションをサポート <!-- Consistent `list` commands including `--format` support --> + - すべての `set` コマンドで複数の `key=value` を受け付けるように <!-- All `set` commands now accept multiple `key=value` --> + - `exec` コマンドが `--uid` と `--gid` と `--cwd` オプションを受け付けるように <!-- `exec` now accepts `--uid`, `--gid` and `--cwd` --> + - `lxc copy` と `lxc move` での設定の上書き <!-- Config overrides on `lxc copy` and `lxc move` --> + - クラスターリングに対してより多くのコマンドでの `--target` サポート <!-- More commands now support the `--target` option for clustering --> + + #### 将来的な保証 <!-- Future proofing --> + + - xtables の代替として nftables をサポート <!-- Support for nftables as an alternative to xtables --> + - cgroup v2 を使った制限のサポート <!-- Support for limits through Cgroup2 --> + + #### API + + - Canonical RBAC 経由の RBAC (Role Based Access Control) サポート <!-- Support for RBAC (Role Based Access Control) through Canonical RBAC --> + - デフォルトの TLS キーの EC384 化 <!-- Default TLS key is now EC384 --> + - `/1.0/containers` の置き換えとして `/1.0/instances` エンドポイントの新設 <!-- New `/1.0/instances` endpoint replacing `/1.0/containers` --> + - `/1.0/instances` と `/1.0/images` でのサーバーサイドのコレクションフィルタリングを追加 <!-- Addition of server-side collection filtering on `/1.0/instances` and `/1.0/images` --> + - `/1.0/resources` でのより広範囲のリソース API <!-- Much more comprehensive resources API at `/1.0/resources` --> + - カーネルの機能が `/1.0` で取得可能に <!-- Kernel features are now exposed in `/1.0` --> + - LXC の機能が `/1.0` で取得可能に <!-- LXC features are now exposed in `/1.0` --> + - `core.debug_address` 経由でのビルトインデバッグサーバー(pprof)設定 <!-- Built-in debug server (pprof) configurable through `core.debug_address` --> + - 高需要エンドポイントでのバルククエリー(再帰)オプションの追加 <!-- Additional bulk-query (recursion) options for high demand endpoints --> + - クラスター環境内のイベントとオペレーションが `Location` フィールドを持つように <!-- Events and Operations in a clustered environment now have a `Location` field --> + + ### 完全な ChangeLog(翻訳なし) <!-- Complete changelog --> + Here is a complete list of all changes in this release: + + - shared/version/api: Add trust_ca_certificates + - doc: Add core.trust_ca_certificates + - lxd/cluster/config: Add core.trust_ca_certificates + - *: Add parameters to CheckTrustState + - shared/cert: Add CRL to CertInfo + - lxd/util/http: Check CRL for revoked clients + - test: Extend PKI test + - lxd/etag: Quote generated etag values + - lxd/apparmor: Apparently the order matters + - shared/version/api: Add snapshot_disk_usage API extension + - doc: Add snapshot_disk_usage + - lxd/storage/drivers/btrfs: Fix quota + - lxd/backup: Removes Privileged field from backup.Info struct + - lxd/backup: Adds new fields in index.yaml + - lxd/instances/post: bInfo.OptimizedStorage pointer usage + - lxd/storage/backend/lxd: CreateInstanceFromBackup OptimizedStorage pointer usage + - lxd/backup: Updates backupWriteIndex index.yaml fields + - lxd/backup: Removes Project field from index.yaml + - test/suites/storage: Add btrfs quota tests + - shared/api: Add size to InstanceSnapshot + - lxd/instance/drivers: Get snapshot usage + - lxd/storage/drivers/btrfs: Don't destroy qgroups + - lxd/storage/drivers: Moves functions from generic.go to generic_vfs.go + - lxd/storage/drivers: Generic VFS function usage after move &rename + - lxd/instance/drivers: Add custom volumes to disk state + - lxd/instance/drivers: Fix lxd-agent running order + - lxc: Deprecate --container-only + - i18n: Update translation templates + - tests: Move away from container-only + - lxc: Drop flagContainerOnly + - lxd/storage/zfs: Fix deleted VM images restoration + - lxc/storage/drivers/driver/btrfs/volumes: CreateVolumeFromBackup to use tar reader for optimized volume restore + - lxc/storage/drivers/driver/zfs/volumes: CreateVolumeFromBackup to use tar reader for optimized volume restore + - shared/archive: Adds CompressedTarReader function + - lxd/backup/backup: shared.CompressedTarReader usage + - test/suites/static/analysis: Reinstates checks for shared/instancewriter + - lxd/instance/post: InstanceID usage + - lxd/db/containers: Renames ContainerID to InstanceID + - lxd/instances/post: Logging in createFromBackup + - lxd/instances/post: Logging message change from container to instance + - lxd/instances/post: Switches to revert package in createFromBackup + - lxd: Merges instanceCreateFromBackup into createFromBackup + - lxd/storage/drivers/utils: Adds blockDevSizeBytes function + - lxd/storage/drivers/driver/ceph/volumes: Updates SetVolumeQuota to use blockDevSizeBytes + - shared/instancewriter/instance/file/info: Adds FileInfo for os.FileInfo implementation + - shared/instancewriter/instance/tar/writer: Adds WriteFileFromReader function + - lxd/backup: Switches index.yaml file generation to use WriteFileFromReader in backupCreate + - lxd/api/internal: d.cluster.InstanceID usage + - lxd/storage/backend/lxd: Better error msg context in CreateInstanceFromBackup + - lxd/backup: Removes volume type restriction in backupCreate + - lxd/storage/drivers/generic/vfs: Adds VM support to genericVFSBackupVolume + - lxd/storage/drivers: Uses sourcePath logging for consistency in BackupVolume + - lxd/storage/drivers/driver/zfs/volumes: Adds optimised VM backup to BackupVolume + - lxd/storage/drivers/driver/btrfs/volumes: Adds optimised VM backup to BackupVolume + - lxd/storage/backend/lxd: Adds volume type logic for VMs to CreateInstanceFromBackup + - lxd/api/internal: makes internalImport VM aware + - lxd/storage/drivers/generic/vfs: Adds VM support to genericVFSBackupUnpack + - lxd/storage/drivers/driver/zfs/volumes: MountVolume comment improvements + - lxd/storage/drivers/driver/zfs/volumes: UnmountVolume improvements + - lxd/storage/drivers/driver/zfs/volumes: Adds VM support to generic mode in MigrateVolume + - lxd/storage/drivers/driver/zfs/volumes: Adds VM support to MountVolumeSnapshot + - lxd/storage/drivers/driver/zfs/volumes: Adds VM support to UnmountVolumeSnapshot + - lxd/storage/drivers/driver/zfs/volumes: Adds support for VM optimized backup restore + - lxd/storage/drivers: Adds existing volume check to optimized backup restore + - lxd/storage/drivers/driver/btrfs/volumes: Adds support for VM optimized backup restore + - lxd/storage/backend/lxd: Updates CheckInstanceBackupFileSnapshots to be VM aware + - lxd/storage/backend/lxd/patches: Ignores snapshots when retrieving list of custom volumes to be renamed + - lxd/containers: Emit lifecycle event on user shutdown + - lxd/storage/drivers: Adds OptimizedBackups driver Info flag + - lxd/backup: Ignore requests for optimized backups when pool driver doesn't support it + - lxd/instances/post: Ensure optimized backup imports only import into same storage driver pools + - lxd/instance/exec: Adds protection against clients reconnecting after exec has started + - doc: Fix escaping + - lxd/cluster: Tweak errors + - api: clustering_edit_roles + - shared/api: Add ClusterMemberPut + - lxd/cluster: Make ClusterMember editable + - client: Add UpdateClusterMember + - lxc/cluster: Add edit sub-command + - i18n: Update translation templates + - lxd/firewall/drivers/drivers/consts: Adds FilterIPv6All constant + - cgroup/init: close controllers file + - doc/networks: Add missing maas.subnet.ipv4/maas.subnet.ipv6 + - scripts/bash: Add maas.subnet.ipv4/maas.subnet/ipv6 to network + - client: Fix bad description for UpdateClusterMember + - lxd/device/nic/bridged: Allow security.ipv6_filtering to be used on networks without IPv6 + - lxd/firewall/drivers/drivers/xtables: Adds FilterIPv6All support + - lxd/firewall: Dont use compact function arg definitions + - lxd/firewall/drivers/drivers/nftables: Adds FilterIPv6All support + - lxd/network/network/utils: Adds support for bridged NIC network property when rebuilding dnsmasq static config + - lxd/network/network/utils: Comment consistency + - lxd/device/nic/bridged: Allow security.ipv4_filtering to be used on networks without IPv4 + - lxd/firewall/drivers/drivers/consts: Adds FilterIPv4All constant + - lxd/firewall/drivers/drivers/xtables: Adds Adds FilterIPv4All support + - lxd/firewall/drivers/drivers/nftables: Adds FilterIPv4All support + - test: Adds bridged NIC tests for total protocol filtering + - lxd/device/nic: Adds ipv4.host_address and ipv6.host_address keys + - lxd/device/nic/routed: Adds ability to specify host-side veth interface IP address + - api: Adds container_nic_routed_host_address API extension + - doc/instances: Updates routed nic doc with ipv4.host_address and ipv6.host_address keys + - scripts/bash/lxd-client: Updates bash device keys for routed NIC + - lxd/device/nic/ipvlan: Adds ipv4.gateway and ipv6.gateway support + - api: Adds container_nic_ipvlan_gateway API extension + - doc/instances: Adds ipvlan ipv4.gateway and ipv6.gateway docs + - lxd/device/nic/routed: Sets accept_ra=0 on host interface + - lxc: Fix for current cobra + - lxd/device/nic_routed: Don't fail on missing IPv6 + - lxd/device/nic_routed: Set rp_filter=1 + - forkexec: rework + - forkexec: tweak + - lxd/firewall/firewall/interface: Adds InstanceSetupRPFilter and InstanceClearRPFilter + - lxd/firewall/drivers/drivers/xtables: Improves proxy NAT rule removal errors + - lxd/firewall/drivers/drivers/xtables: Renames iptablesConfig to iptablesAdd + - lxd/firewall/drivers/drivers/xtables: Implements reverse path filters + - lxd/device/nic/routed: Applies firewall based reverse path filter for IPv4 and IPv6 + - lxd/storage/drivers/ceph: Re-create image snapshot + - lxd/storage/drivers: Update comment on readonly snapshot + - lxd/firewall/drivers/drivers/nftables: Implements reverse path filters + - shared/instancewriter/instance/tar/writer: Adds ignoreGrowth arg to WriteFile + - lxd/storage/drivers/generic/vfs: Sets ignoreGrowth arg true in WriteFile usage + - lxd: Existing WriteFile usage updated to set ignoreGrowth to false + - lxd/device/nic/bridged: Disables IPv6 on bridged host side interface + - lxd/exec: Fix forwarding for VMs + - lxd: Rename forwarding functions + - i18n: Update translations from weblate + - lxd/networks: Fix network leases list for instances using "network" option + - lxd/instance/drivers/driver/qemu: Restart on failure + - shared/idmap: Better root fallback + - lxd/instance/drivers/driver/qemu: Fixes dependencies for lxd-agent + - lxd-agent/main/agent: Better logging + - shared/version/api: Add resources_usb_pci API extension + - doc: Add resources_usb_pci + - shared/api: Add USB and PCI resources + - shared/usbid: Add USB vendor and devices + - lxd/resources: Add USB resource + - lxd/resources: Add PCI resource + - test/suites/static_analysis: Skip shared/usbid/load_data.go + + + ### 試用環境 <!-- Try it for yourself --> + <!-- + This new LXD release is already available for you to try on our [demo service](https://linuxcontainers.org/lxd/try-it/). + --> + この新しい LXD リリースは私たちの [デモサービス](https://linuxcontainers.org/ja/lxd/try-it/) で利用できます。 + + ### ダウンロード <!-- Downloads --> + <!-- + The release tarballs can be found on our [download page](https://linuxcontainers.org/lxd/downloads/). + --> + このリリースの tarball は [ダウンロードページ](/lxd/downloads/) から取得できます。 + + <!-- + Binary builds are also available for: + --> + ビルド済みバイナリーは次のように使えます: + + - **Linux:** snap install lxd + - **MacOS:** brew install lxc + - **Windows:** choco install lxc
_______________________________________________ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel