[lxc-devel] [lxd/master] Network: Adds ovn.ovs_bridge setting to bridge networks to specify OVS uplink bridge name for OVN networks

tomponline on Github lxc-bot at linuxcontainers.org
Wed Sep 2 13:49:32 UTC 2020


A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 1128 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20200902/f7936c8a/attachment.bin>
-------------- next part --------------
From 9807ba8fa2bb45e171d3a1b583f79fd5944ce2de Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parrott at canonical.com>
Date: Wed, 2 Sep 2020 11:17:57 +0100
Subject: [PATCH 1/9] lxd/network/driver/ovn: Removes unnecessary dnsmasq logic
 in deleteParentPortBridge

Signed-off-by: Thomas Parrott <thomas.parrott at canonical.com>
---
 lxd/network/driver_ovn.go | 15 ++-------------
 1 file changed, 2 insertions(+), 13 deletions(-)

diff --git a/lxd/network/driver_ovn.go b/lxd/network/driver_ovn.go
index 1904ee7f78..3c13ec5672 100644
--- a/lxd/network/driver_ovn.go
+++ b/lxd/network/driver_ovn.go
@@ -17,7 +17,6 @@ import (
 
 	"github.com/lxc/lxd/lxd/cluster"
 	"github.com/lxc/lxd/lxd/db"
-	"github.com/lxc/lxd/lxd/dnsmasq"
 	"github.com/lxc/lxd/lxd/locking"
 	"github.com/lxc/lxd/lxd/network/openvswitch"
 	"github.com/lxc/lxd/lxd/project"
@@ -506,6 +505,7 @@ func (n *ovn) parentOperationLockName(parentNet Network) string {
 
 // parentPortBridgeVars returns the parent port bridge variables needed for port start/stop.
 func (n *ovn) parentPortBridgeVars(parentNet Network) *ovnParentPortBridgeVars {
+
 	ovsBridge := fmt.Sprintf("lxdovn%d", parentNet.ID())
 
 	return &ovnParentPortBridgeVars{
@@ -629,18 +629,7 @@ func (n *ovn) deleteParentPort() error {
 
 // deleteParentPortBridge deletes the dnsmasq static lease and removes parent uplink OVS bridge if not in use.
 func (n *ovn) deleteParentPortBridge(parentNet Network) error {
-	err := dnsmasq.RemoveStaticEntry(parentNet.Name(), project.Default, n.getNetworkPrefix())
-	if err != nil {
-		return err
-	}
-
-	// Reload dnsmasq.
-	err = dnsmasq.Kill(parentNet.Name(), true)
-	if err != nil {
-		return err
-	}
-
-	// Lock parent network so we don;t race each other networks using the OVS uplink bridge.
+	// Lock parent network so we don't race each other networks using the OVS uplink bridge.
 	unlock := locking.Lock(n.parentOperationLockName(parentNet))
 	defer unlock()
 

From 1e793a8c9f2728d6d695bf372e04d13b96f435b7 Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parrott at canonical.com>
Date: Wed, 2 Sep 2020 12:23:38 +0100
Subject: [PATCH 2/9] lxd/device/device/utils/network: Removes
 networkRandomDevName

Moving to network package.

Signed-off-by: Thomas Parrott <thomas.parrott at canonical.com>
---
 lxd/device/device_utils_network.go | 17 -----------------
 1 file changed, 17 deletions(-)

diff --git a/lxd/device/device_utils_network.go b/lxd/device/device_utils_network.go
index 9556bfda9c..7ca4f3efc5 100644
--- a/lxd/device/device_utils_network.go
+++ b/lxd/device/device_utils_network.go
@@ -1,8 +1,6 @@
 package device
 
 import (
-	"crypto/rand"
-	"encoding/hex"
 	"fmt"
 	"io/ioutil"
 	"strconv"
@@ -210,21 +208,6 @@ func networkRestorePhysicalNic(hostName string, volatile map[string]string) erro
 	return nil
 }
 
-// networkRandomDevName returns a random device name with prefix.
-// If the random string combined with the prefix exceeds 13 characters then empty string is returned.
-// This is to ensure we support buggy dhclient applications: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858580
-func networkRandomDevName(prefix string) string {
-	// Return a new random veth device name
-	randBytes := make([]byte, 4)
-	rand.Read(randBytes)
-	iface := prefix + hex.EncodeToString(randBytes)
-	if len(iface) > 13 {
-		return ""
-	}
-
-	return iface
-}
-
 // networkCreateVethPair creates and configures a veth pair. It will set the hwaddr and mtu settings
 // in the supplied config to the newly created peer interface. If mtu is not specified, but parent
 // is supplied in config, then the MTU of the new peer interface will inherit the parent MTU.

From 9a2348ae4283109bf0c128136914f50146de5cf9 Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parrott at canonical.com>
Date: Wed, 2 Sep 2020 12:24:09 +0100
Subject: [PATCH 3/9] lxd/network/network/utils: Adds RandomDevName function

Signed-off-by: Thomas Parrott <thomas.parrott at canonical.com>
---
 lxd/network/network_utils.go | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/lxd/network/network_utils.go b/lxd/network/network_utils.go
index 36ea1420b8..6e56eebdde 100644
--- a/lxd/network/network_utils.go
+++ b/lxd/network/network_utils.go
@@ -68,6 +68,21 @@ func networkValidPort(value string) error {
 	return nil
 }
 
+// RandomDevName returns a random device name with prefix.
+// If the random string combined with the prefix exceeds 13 characters then empty string is returned.
+// This is to ensure we support buggy dhclient applications: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858580
+func RandomDevName(prefix string) string {
+	// Return a new random veth device name.
+	randBytes := make([]byte, 4)
+	rand.Read(randBytes)
+	iface := prefix + hex.EncodeToString(randBytes)
+	if len(iface) > 13 {
+		return ""
+	}
+
+	return iface
+}
+
 // IsInUseByInstance indicates if network is referenced by an instance's NIC devices.
 // Checks if the device's parent or network properties match the network name.
 func IsInUseByInstance(s *state.State, c instance.Instance, networkName string) (bool, error) {

From 1371927f2c9db61d5a880115eaa9e047417ccf0d Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parrott at canonical.com>
Date: Wed, 2 Sep 2020 12:25:33 +0100
Subject: [PATCH 4/9] lxd/device: network.RandomDevName usage

Signed-off-by: Thomas Parrott <thomas.parrott at canonical.com>
---
 lxd/device/device_utils_network.go | 2 +-
 lxd/device/nic_bridged.go          | 4 ++--
 lxd/device/nic_macvlan.go          | 2 +-
 lxd/device/nic_ovn.go              | 4 ++--
 lxd/device/nic_p2p.go              | 5 +++--
 lxd/device/nic_routed.go           | 2 +-
 6 files changed, 10 insertions(+), 9 deletions(-)

diff --git a/lxd/device/device_utils_network.go b/lxd/device/device_utils_network.go
index 7ca4f3efc5..0f1852403c 100644
--- a/lxd/device/device_utils_network.go
+++ b/lxd/device/device_utils_network.go
@@ -213,7 +213,7 @@ func networkRestorePhysicalNic(hostName string, volatile map[string]string) erro
 // is supplied in config, then the MTU of the new peer interface will inherit the parent MTU.
 // Accepts the name of the host side interface as a parameter and returns the peer interface name.
 func networkCreateVethPair(hostName string, m deviceConfig.Device) (string, error) {
-	peerName := networkRandomDevName("veth")
+	peerName := network.RandomDevName("veth")
 
 	_, err := shared.RunCommand("ip", "link", "add", "dev", hostName, "type", "veth", "peer", "name", peerName)
 	if err != nil {
diff --git a/lxd/device/nic_bridged.go b/lxd/device/nic_bridged.go
index b30ba66d91..ef852fbc5e 100644
--- a/lxd/device/nic_bridged.go
+++ b/lxd/device/nic_bridged.go
@@ -247,12 +247,12 @@ func (d *nicBridged) Start() (*deviceConfig.RunConfig, error) {
 	// Create veth pair and configure the peer end with custom hwaddr and mtu if supplied.
 	if d.inst.Type() == instancetype.Container {
 		if saveData["host_name"] == "" {
-			saveData["host_name"] = networkRandomDevName("veth")
+			saveData["host_name"] = network.RandomDevName("veth")
 		}
 		peerName, err = networkCreateVethPair(saveData["host_name"], d.config)
 	} else if d.inst.Type() == instancetype.VM {
 		if saveData["host_name"] == "" {
-			saveData["host_name"] = networkRandomDevName("tap")
+			saveData["host_name"] = network.RandomDevName("tap")
 		}
 		peerName = saveData["host_name"] // VMs use the host_name to link to the TAP FD.
 		err = networkCreateTap(saveData["host_name"], d.config)
diff --git a/lxd/device/nic_macvlan.go b/lxd/device/nic_macvlan.go
index 788584f2cd..35e1eb25de 100644
--- a/lxd/device/nic_macvlan.go
+++ b/lxd/device/nic_macvlan.go
@@ -120,7 +120,7 @@ func (d *nicMACVLAN) Start() (*deviceConfig.RunConfig, error) {
 	actualParentName := network.GetHostDevice(d.config["parent"], d.config["vlan"])
 
 	// Record the temporary device name used for deletion later.
-	saveData["host_name"] = networkRandomDevName("mac")
+	saveData["host_name"] = network.RandomDevName("mac")
 
 	// Create VLAN parent device if needed.
 	statusDev, err := networkCreateVlanDeviceIfNeeded(d.state, d.config["parent"], actualParentName, d.config["vlan"])
diff --git a/lxd/device/nic_ovn.go b/lxd/device/nic_ovn.go
index 4b6db95bcd..e7a85d3e00 100644
--- a/lxd/device/nic_ovn.go
+++ b/lxd/device/nic_ovn.go
@@ -183,12 +183,12 @@ func (d *nicOVN) Start() (*deviceConfig.RunConfig, error) {
 	// Create veth pair and configure the peer end with custom hwaddr and mtu if supplied.
 	if d.inst.Type() == instancetype.Container {
 		if saveData["host_name"] == "" {
-			saveData["host_name"] = networkRandomDevName("veth")
+			saveData["host_name"] = network.RandomDevName("veth")
 		}
 		peerName, err = networkCreateVethPair(saveData["host_name"], d.config)
 	} else if d.inst.Type() == instancetype.VM {
 		if saveData["host_name"] == "" {
-			saveData["host_name"] = networkRandomDevName("tap")
+			saveData["host_name"] = network.RandomDevName("tap")
 		}
 		peerName = saveData["host_name"] // VMs use the host_name to link to the TAP FD.
 		err = networkCreateTap(saveData["host_name"], d.config)
diff --git a/lxd/device/nic_p2p.go b/lxd/device/nic_p2p.go
index 5f5b7ef089..c0a08df59c 100644
--- a/lxd/device/nic_p2p.go
+++ b/lxd/device/nic_p2p.go
@@ -6,6 +6,7 @@ import (
 	deviceConfig "github.com/lxc/lxd/lxd/device/config"
 	"github.com/lxc/lxd/lxd/instance"
 	"github.com/lxc/lxd/lxd/instance/instancetype"
+	"github.com/lxc/lxd/lxd/network"
 	"github.com/lxc/lxd/lxd/revert"
 	"github.com/lxc/lxd/shared"
 )
@@ -73,12 +74,12 @@ func (d *nicP2P) Start() (*deviceConfig.RunConfig, error) {
 	// Create veth pair and configure the peer end with custom hwaddr and mtu if supplied.
 	if d.inst.Type() == instancetype.Container {
 		if saveData["host_name"] == "" {
-			saveData["host_name"] = networkRandomDevName("veth")
+			saveData["host_name"] = network.RandomDevName("veth")
 		}
 		peerName, err = networkCreateVethPair(saveData["host_name"], d.config)
 	} else if d.inst.Type() == instancetype.VM {
 		if saveData["host_name"] == "" {
-			saveData["host_name"] = networkRandomDevName("tap")
+			saveData["host_name"] = network.RandomDevName("tap")
 		}
 		peerName = saveData["host_name"] // VMs use the host_name to link to the TAP FD.
 		err = networkCreateTap(saveData["host_name"], d.config)
diff --git a/lxd/device/nic_routed.go b/lxd/device/nic_routed.go
index 460993e639..ca056a4dac 100644
--- a/lxd/device/nic_routed.go
+++ b/lxd/device/nic_routed.go
@@ -193,7 +193,7 @@ func (d *nicRouted) Start() (*deviceConfig.RunConfig, error) {
 
 	hostName := d.config["host_name"]
 	if hostName == "" {
-		hostName = networkRandomDevName("veth")
+		hostName = network.RandomDevName("veth")
 	}
 	saveData["host_name"] = hostName
 

From b212605957e14def26aeb9da35f5318bae257d27 Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parrott at canonical.com>
Date: Wed, 2 Sep 2020 14:13:41 +0100
Subject: [PATCH 5/9] lxd/network: Adds Description function

Signed-off-by: Thomas Parrott <thomas.parrott at canonical.com>
---
 lxd/network/driver_common.go     | 5 +++++
 lxd/network/network_interface.go | 1 +
 2 files changed, 6 insertions(+)

diff --git a/lxd/network/driver_common.go b/lxd/network/driver_common.go
index 41197225f6..62be2bb808 100644
--- a/lxd/network/driver_common.go
+++ b/lxd/network/driver_common.go
@@ -109,6 +109,11 @@ func (n *common) Name() string {
 	return n.name
 }
 
+// Description returns the network description.
+func (n *common) Description() string {
+	return n.description
+}
+
 // Status returns the network status.
 func (n *common) Status() string {
 	return n.status
diff --git a/lxd/network/network_interface.go b/lxd/network/network_interface.go
index 69e787a14a..f8f0dabaf3 100644
--- a/lxd/network/network_interface.go
+++ b/lxd/network/network_interface.go
@@ -21,6 +21,7 @@ type Network interface {
 	ID() int64
 	Name() string
 	Type() string
+	Description() string
 	Status() string
 	Config() map[string]string
 	IsUsed() (bool, error)

From bc55a7aab15b34287836706635838d4f432fee14 Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parrott at canonical.com>
Date: Wed, 2 Sep 2020 14:29:55 +0100
Subject: [PATCH 6/9] api: Adds network_bridge_ovn_bridge API extension

Signed-off-by: Thomas Parrott <thomas.parrott at canonical.com>
---
 doc/api-extensions.md | 7 +++++++
 shared/version/api.go | 1 +
 2 files changed, 8 insertions(+)

diff --git a/doc/api-extensions.md b/doc/api-extensions.md
index 7ca5f9831e..ba8dcff0d2 100644
--- a/doc/api-extensions.md
+++ b/doc/api-extensions.md
@@ -1151,3 +1151,10 @@ Also introduces two new global config keys that apply to all `ovn` networks and
 
  - network.ovn.integration\_bridge - the OVS integration bridge to use.
  - network.ovn.northbound\_connection - the OVN northbound database connection string.
+
+## network\_bridge\_ovn\_bridge
+Adds the `ovn.ovs_bridge` setting to `bridge` networks to allow the `ovn` networks that use it as their parent
+`network` to access the name of the OVS bridge (and prefix for the related veth pair interfaces).
+
+If missing, the first `ovn` network to specify a `bridge` network as its parent `network` will cause the
+setting to be populated with a random interface name prefixed with "ovn".
diff --git a/shared/version/api.go b/shared/version/api.go
index 1288a75238..4771c18f21 100644
--- a/shared/version/api.go
+++ b/shared/version/api.go
@@ -224,6 +224,7 @@ var APIExtensions = []string{
 	"network_type_sriov",
 	"container_syscall_intercept_bpf_devices",
 	"network_type_ovn",
+	"network_bridge_ovn_bridge",
 }
 
 // APIExtensionsCount returns the number of available API extensions.

From 0632782fa73855bac2f0a02abb5d4f690bd8937d Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parrott at canonical.com>
Date: Wed, 2 Sep 2020 14:14:45 +0100
Subject: [PATCH 7/9] lxd/network/driver/ovn: Updates parentPortBridgeVars to
 use ovn.ovs_bridge from parent network

Signed-off-by: Thomas Parrott <thomas.parrott at canonical.com>
---
 lxd/network/driver_ovn.go | 46 ++++++++++++++++++++++++++++++---------
 1 file changed, 36 insertions(+), 10 deletions(-)

diff --git a/lxd/network/driver_ovn.go b/lxd/network/driver_ovn.go
index 3c13ec5672..8414132368 100644
--- a/lxd/network/driver_ovn.go
+++ b/lxd/network/driver_ovn.go
@@ -19,7 +19,6 @@ import (
 	"github.com/lxc/lxd/lxd/db"
 	"github.com/lxc/lxd/lxd/locking"
 	"github.com/lxc/lxd/lxd/network/openvswitch"
-	"github.com/lxc/lxd/lxd/project"
 	"github.com/lxc/lxd/lxd/revert"
 	"github.com/lxc/lxd/lxd/util"
 	"github.com/lxc/lxd/shared"
@@ -35,6 +34,10 @@ const ovnChassisPriorityMax = 32767
 const ovnVolatileParentIPv4 = "volatile.network.ipv4.address"
 const ovnVolatileParentIPv6 = "volatile.network.ipv6.address"
 
+// ovnParentOVSBridge setting on the parent network indicating the name to use for the OVS bridge and prefix for
+// associated veth interfaces when using the parent network as an OVN uplink.
+const ovnParentOVSBridge = "ovn.ovs_bridge"
+
 // ovnParentVars OVN object variables derived from parent network.
 type ovnParentVars struct {
 	// Router.
@@ -504,21 +507,40 @@ func (n *ovn) parentOperationLockName(parentNet Network) string {
 }
 
 // parentPortBridgeVars returns the parent port bridge variables needed for port start/stop.
-func (n *ovn) parentPortBridgeVars(parentNet Network) *ovnParentPortBridgeVars {
+func (n *ovn) parentPortBridgeVars(parentNet Network) (*ovnParentPortBridgeVars, error) {
+	parentConfig := parentNet.Config()
+	if parentConfig[ovnParentOVSBridge] == "" {
+		// Generate random OVS bridge name for parent uplink.
+		parentConfig[ovnParentOVSBridge] = RandomDevName("ovn")
 
-	ovsBridge := fmt.Sprintf("lxdovn%d", parentNet.ID())
+		// Store in parent config.
+		err := n.state.Cluster.Transaction(func(tx *db.ClusterTx) error {
+			err := tx.UpdateNetwork(parentNet.ID(), parentNet.Description(), parentConfig)
+			if err != nil {
+				return errors.Wrapf(err, "Failed saving parent network OVN OVS bridge name")
+			}
 
-	return &ovnParentPortBridgeVars{
-		ovsBridge: ovsBridge,
-		parentEnd: fmt.Sprintf("%sa", ovsBridge),
-		ovsEnd:    fmt.Sprintf("%sb", ovsBridge),
+			return nil
+		})
+		if err != nil {
+			return nil, err
+		}
 	}
+
+	return &ovnParentPortBridgeVars{
+		ovsBridge: parentConfig[ovnParentOVSBridge],
+		parentEnd: fmt.Sprintf("%sa", parentConfig[ovnParentOVSBridge]),
+		ovsEnd:    fmt.Sprintf("%sb", parentConfig[ovnParentOVSBridge]),
+	}, nil
 }
 
 // startParentPortBridge creates veth pair (if doesn't exist), creates OVS bridge (if doesn't exist) and
 // connects veth pair to parent bridge and OVS bridge.
 func (n *ovn) startParentPortBridge(parentNet Network) error {
-	vars := n.parentPortBridgeVars(parentNet)
+	vars, err := n.parentPortBridgeVars(parentNet)
+	if err != nil {
+		return err
+	}
 
 	// Lock parent network so that if multiple OVN networks are trying to connect to the same parent we don't
 	// race each other setting up the connection.
@@ -540,7 +562,7 @@ func (n *ovn) startParentPortBridge(parentNet Network) error {
 	}
 
 	// Ensure correct sysctls are set on uplink veth interfaces to avoid getting IPv6 link-local addresses.
-	_, err := shared.RunCommand("sysctl",
+	_, err = shared.RunCommand("sysctl",
 		fmt.Sprintf("net.ipv6.conf.%s.disable_ipv6=1", vars.parentEnd),
 		fmt.Sprintf("net.ipv6.conf.%s.disable_ipv6=1", vars.ovsEnd),
 		fmt.Sprintf("net.ipv6.conf.%s.forwarding=0", vars.parentEnd),
@@ -635,7 +657,11 @@ func (n *ovn) deleteParentPortBridge(parentNet Network) error {
 
 	// Check OVS uplink bridge exists, if it does, check how many ports it has.
 	removeVeths := false
-	vars := n.parentPortBridgeVars(parentNet)
+	vars, err := n.parentPortBridgeVars(parentNet)
+	if err != nil {
+		return err
+	}
+
 	if shared.PathExists(fmt.Sprintf("/sys/class/net/%s", vars.ovsBridge)) {
 		ovs := openvswitch.NewOVS()
 		ports, err := ovs.BridgePortList(vars.ovsBridge)

From 06425c9f62cc4365d568bb6f692b40466c5525b8 Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parrott at canonical.com>
Date: Wed, 2 Sep 2020 14:13:59 +0100
Subject: [PATCH 8/9] lxd/network/driver/bridge: Adds ovn.ovs_bridge config key
 for OVN networks using bridge as parent

Signed-off-by: Thomas Parrott <thomas.parrott at canonical.com>
---
 lxd/network/driver_bridge.go | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/lxd/network/driver_bridge.go b/lxd/network/driver_bridge.go
index 8ef1e612e4..c00a75af4a 100644
--- a/lxd/network/driver_bridge.go
+++ b/lxd/network/driver_bridge.go
@@ -226,6 +226,8 @@ func (n *bridge) Validate(config map[string]string) error {
 
 		"raw.dnsmasq": validate.IsAny,
 
+		ovnParentOVSBridge: validate.Optional(validInterfaceName),
+
 		"maas.subnet.ipv4": validate.IsAny,
 		"maas.subnet.ipv6": validate.IsAny,
 	}

From cada30dcb200ab19d0d02a28d0327b4dee6bde62 Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parrott at canonical.com>
Date: Wed, 2 Sep 2020 14:48:48 +0100
Subject: [PATCH 9/9] doc/api: Removes underscore escaping when used inside
 backticks

Signed-off-by: Thomas Parrott <thomas.parrott at canonical.com>
---
 doc/api-extensions.md | 48 +++++++++++++++++++++----------------------
 1 file changed, 24 insertions(+), 24 deletions(-)

diff --git a/doc/api-extensions.md b/doc/api-extensions.md
index ba8dcff0d2..fa749cb371 100644
--- a/doc/api-extensions.md
+++ b/doc/api-extensions.md
@@ -577,7 +577,7 @@ This introduces the new candid.api.url config option and removes
 core.macaroon.endpoint.
 
 ## backup\_compression
-This introduces a new backups.compression\_algorithm config key which
+This introduces a new `backups.compression_algorithm` config key which
 allows configuration of backup compression.
 
 ## candid\_config
@@ -680,9 +680,9 @@ option `snapshots.expiry` takes an expression in the form of `1M 2H 3d 4w 5m
 parts have to be used.
 
 Snapshots which are then created will be given an expiry date based on the
-expression. This expiry date, defined by `expires\_at`, can be manually edited
+expression. This expiry date, defined by `expires_at`, can be manually edited
 using the API or `lxc config edit`. Snapshots with a valid expiry date will be
-removed when the task in run. Expiry can be disabled by setting `expires\_at` to
+removed when the task in run. Expiry can be disabled by setting `expires_at` to
 an empty string or `0001-01-01T00:00:00Z` (zero time). This is the default if
 `snapshots.expiry` is not set.
 
@@ -717,7 +717,7 @@ used to track the current mapping for the container.
 
 This effectively gives us:
 
- - `volatile.last\_state.idmap` => On-disk idmap
+ - `volatile.last_state.idmap` => On-disk idmap
  - `volatile.idmap.current` => Current kernel map
  - `volatile.idmap.next` => Next on-disk idmap
 
@@ -760,7 +760,7 @@ by a container that a registered syscall has been performed. LXD can then
 decide to trigger various actions.
 
 ## lxc\_features
-This introduces the `lxc\_features` section output from the `lxc info` command
+This introduces the `lxc_features` section output from the `lxc info` command
 via the `GET /1.0/` route. It outputs the result of checks for key features being present in the
 underlying LXC library.
 
@@ -768,7 +768,7 @@ underlying LXC library.
 This introduces the `ipvlan` "nic" device type.
 
 ## network\_vlan\_sriov
-This introduces VLAN (`vlan`) and MAC filtering (`security.mac\_filtering`) support for SR-IOV devices.
+This introduces VLAN (`vlan`) and MAC filtering (`security.mac_filtering`) support for SR-IOV devices.
 
 ## storage\_cephfs
 Add support for CEPHFS as a storage pool driver. This can only be used
@@ -776,7 +776,7 @@ for custom volumes, images and containers should be on CEPH (RBD)
 instead.
 
 ## container\_nic\_ipfilter
-This introduces container IP filtering (`security.ipv4\_filtering` and `security.ipv6\_filtering`) support for `bridged` nic devices.
+This introduces container IP filtering (`security.ipv4_filtering` and `security.ipv6_filtering`) support for `bridged` nic devices.
 
 ## resources\_v2
 Rework the resources API at /1.0/resources, especially:
@@ -822,8 +822,8 @@ This makes use of shiftfs as an overlay filesystem.
 Export infiniband character device information (issm, umad, uverb) as part of the resources API.
 
 ## daemon\_storage
-This introduces two new configuration keys `storage.images\_volume` and
-`storage.backups\_volume` to allow for a storage volume on an existing
+This introduces two new configuration keys `storage.images_volume` and
+`storage.backups_volume` to allow for a storage volume on an existing
 pool be used for storing the daemon-wide images and backups artifacts.
 
 ## instances
@@ -853,15 +853,15 @@ This allows for editing of the expiry date on images.
 Adds a FirmwareVersion field to network card entries.
 
 ## backup\_compression\_algorithm
-This adds support for a `compression\_algorithm` property when creating a backup (`POST /1.0/containers/<name>/backups`).
+This adds support for a `compression_algorithm` property when creating a backup (`POST /1.0/containers/<name>/backups`).
 
-Setting this property overrides the server default value (`backups.compression\_algorithm`).
+Setting this property overrides the server default value (`backups.compression_algorithm`).
 
 ## ceph\_data\_pool\_name
-This adds support for an optional argument (`ceph.osd.data\_pool\_name`) when creating
+This adds support for an optional argument (`ceph.osd.data_pool_name`) when creating
 storage pools using Ceph RBD, when this argument is used the pool will store it's
-actual data in the pool specified with `data\_pool\_name` while keeping the metadata
-in the pool specified by `pool\_name`.
+actual data in the pool specified with `data_pool_name` while keeping the metadata
+in the pool specified by `pool_name`.
 
 ## container\_syscall\_intercept\_mount
 Adds the `security.syscalls.intercept.mount`,
@@ -918,7 +918,7 @@ This allows it to inherit some of the network's settings and allows better valid
 
 ## clustering\_sizing
 Support specifying a custom values for database voters and standbys.
-The new cluster.max\_voters and cluster.max\_standby configuration keys were introduced
+The new `cluster.max_voters` and `cluster.max_standby` configuration keys were introduced
 to specify to the ideal number of database voter and standbys.
 
 ## firewall\_driver
@@ -965,7 +965,7 @@ configuration keys: `snapshots.schedule` and
 
 ## trust\_ca\_certificates
 This allows for checking client certificates trusted by the provided CA (`server.ca`).
-It can be enabled by setting `core.trust\_ca\_certificates` to true.
+It can be enabled by setting `core.trust_ca_certificates` to true.
 If enabled, it will perform the check, and bypass the trusted password if true.
 An exception will be made if the connecting client certificate is in the provided CRL (`ca.crl`).
 In this case, it will ask for the password.
@@ -977,17 +977,17 @@ This adds a new `size` field to the output of `/1.0/instances/<name>/snapshots/<
 This adds a writable endpoint for cluster members, allowing the editing of their roles.
 
 ## container\_nic\_routed\_host\_address
-This introduces the `ipv4.host\_address` and `ipv6.host\_address` NIC config keys that can be used to control the
+This introduces the `ipv4.host_address` and `ipv6.host_address` NIC config keys that can be used to control the
 host-side veth interface's IP addresses. This can be useful when using multiple routed NICs at the same time and
 needing a predictable next-hop address to use.
 
 This also alters the behaviour of `ipv4.gateway` and `ipv6.gateway` NIC config keys. When they are set to "auto"
-the container will have its default gateway set to the value of `ipv4.host\_address` or `ipv6.host\_address` respectively.
+the container will have its default gateway set to the value of `ipv4.host_address` or `ipv6.host_address` respectively.
 
 The default values are:
 
-`ipv4.host\_address`: 169.254.0.1
-`ipv6.host\_address`: fe80::1
+`ipv4.host_address`: 169.254.0.1
+`ipv6.host_address`: fe80::1
 
 This is backward compatible with the previous default behaviour.
 
@@ -1007,19 +1007,19 @@ rather than per core as some hardware apparently puts threads in
 different NUMA domains.
 
 ## resources\_cpu\_core\_die
-Exposes the die\_id information on each core.
+Exposes the `die_id` information on each core.
 
 ## api\_os
-This introduces two new fields in `/1.0`, `os` and `os\_version`.
+This introduces two new fields in `/1.0`, `os` and `os_version`.
 
 Those are taken from the os-release data on the system.
 
 ## container\_nic\_routed\_host\_table
-This introduces the `ipv4.host\_table` and `ipv6.host\_table` NIC config keys that can be used to add static routes
+This introduces the `ipv4.host_table` and `ipv6.host_table` NIC config keys that can be used to add static routes
 for the instance's IPs to a custom policy routing table by ID.
 
 ## container\_nic\_ipvlan\_host\_table
-This introduces the `ipv4.host\_table` and `ipv6.host\_table` NIC config keys that can be used to add static routes
+This introduces the `ipv4.host_table` and `ipv6.host_table` NIC config keys that can be used to add static routes
 for the instance's IPs to a custom policy routing table by ID.
 
 ## container\_nic\_ipvlan\_mode


More information about the lxc-devel mailing list