Mixed system containers & VMs Introducing LXD virtual machine support Stéphane Graber LXD project leader @stgraber https://stgraber.org [email protected] What are system containers? They are the oldest type of containers 01 BSD jails, Linux vServer, Solaris Zones, OpenVZ, LXC and LXD. They behave like standalone systems 02 No need for specialized software or custom images. Low overhead, easy management 03 Thousands can be run on one system, as easy to manage as a bunch of processes. What are virtual machines? Virtualized hardware & firmware 01 Behaves in many ways like a physical system. Hardware accelerated 02 Useful virtualization requires hardware support, additional performance gain comes from using virtualization-aware devices (e.g. virtio). Can run just about any OS 03 Not constrained to Linux only. LXD System container CLI Ansible Juju OpenNebula your own client? & VM manager LXD REST API LXD LXD LXD LXD LXC QEMU LXC QEMU LXC QEMU LXC QEMU Linux kernel Linux kernel Linux kernel Linux kernel Host A Host B Host C Host ... Chromebooks Travis-CI What LXD is Simple 01 Clean command line interface, simple REST API and clear terminology. Fast 02 Image based, optimized storage & migration, direct hardware access. Secure 03 Safe by default. Combines all available kernel security features. Scalable 04 From a single instance on a laptop to tens of thousands of instances in a cluster. Wide selection of images Updated daily LXD clustering Built-in clustering support 01 No external dependencies, all LXD 3.0 or higher installations can be instantly turned into a cluster. Same API as a single node 02 Clients that aren’t clustering aware just see it as a very large LXD instance. Scales to thousands of containers on dozens of nodes 03 Uses a built-in distributed database and cross-connections between the nodes to offer a consistent view to clients and load-balance containers. LXD virtual machines Modern machines 01 UEFI with Secure Boot (where available), virtio devices only, based on QEMU 4.2. Same API and semantics as our containers 02 No particular VM knowledge needed by existing clients. Integrates seamlessly with LXD networks, storage, projects, profiles, ... 03 All existing configuration can be shared between containers and virtual machines, profiles with resource limits or devices can apply to both types. LXD Main Certificates components Cluster Events Images Aliases Instances Snapshots Backups Networks Operations Projects Storage pools Storage volumes Snapshots Demo time! What’s next Images for more distributions 01 Get feature parity with our set of container images, done by adding VM image building capability to Distrobuilder and having those images built as part of our normal pipeline. Live update of VM configuration 02 Device hotplug, live adjustments of resource restrictions, ... Security 03 Integrate with our existing AppArmor and Seccomp generators. Close feature gap with containers 04 Publishing, backups, migration, filesystem passthrough, usb devices, GPUs, ... Agent on other operating systems 05 Port the VM agent to using newly implemented virtio-vsock driver for Windows. LXD everywhere snap install lxd Support Managed serv. requires snapd on a supported Linux distribution Native packages Linux available for some releases on Alpine, ArchLinux, Fedora, Gentoo, OpenSUSE and Ubuntu On your Chromebook Search for “Terminal” in your app launcher MacOS brew install lxc requires Homebrew on current MacOS Windows choco install lxc requires Chcoolatey on current Windows 10 Contributing to LXD Written in Go Apache2 licensed 01 With low level logic in C through a 04 Re-use and improve any of our Go variety of libraries. packages in your own projects. Fully translatable client No copyright assignment 02 An easy way to contribute to LXD, 05 Easy contributions, no legal paperwork, translate our CLI in your language! just send a pull request. API client libraries Online user community 03 Official ones for Go and Python 06 Very active discussion forum with active Additional ones in Ruby, Node, Java, experts in container networking, security Haskell, ... and more. git clone https://github.com/lxc/lxd Questions ? Website: https://linuxcontainers.org/lxd Code: https://github.com/lxc/lxd Online demo: https://linuxcontainers.org/lxd/try-it We have stickers, come Stéphane Graber get them in front! LXD project leader @stgraber https://stgraber.org [email protected].