LXC (Linux Containers) is a distribution and management-neutral container technology for virtualization at the operating-system level. LXC is the low-level basis, provides language bindings, and widely supported tools. The stack utilizes kernel namespace isolation and cgroups to provide OS views with self-contained process trees, network settings, filesystems and distinct user ids. It's used similarly to OpenVZ or Linux-vServers, even can be used as execution driver within Docker; but requires no additionally patched kernel.
1.1.007 Feb 2015 06:05
LXC 1.1 introduces checkpoint/restore support for containers through CRIU,
for serializing container running state to disk, live migrations and restorations.
Better support for running with systemd regardless of user privileges in
combination with lxcfs. Init scripts for systemd, sysvinit and upstart
provide roughly the same feature set now.
lxc-autostart: New -A/--ignore-auto flag (starts all containers).
lxc-ls: New "interface" field.
oracle: Allow installing from arbitrary yum repositories, Add Oracle Linux 7 support.
lxc-ls: Allow filtering containers by group even without --fancy.
core: Add support for qcow2 images through qemu-img.
lxc-autostart: Add support for the NULL group.
core: Track an unexpanded version of the configuration as well as comments.
core: Allow lxc.cap.keep be set to none.
archlinux: Switch to using common configurations.
ubuntu: use btrfs subvolumes and snapshots when available.
seccomp: Set a default seccomp profile for all distros (blocks dangerous
core: Add support for Openvswitch bridges.
core: Add support for lxc.environment (sets extra environment variables).
init: Add identical support of systemd, upstart and sysvinit scripts.
core: Add support for checkpoint and restore of containers using CRIU.
core: Add a new aa_allow_incomplete flag to allow container startup with
partial apparmor support.
lxc-top: Now a C binary installed by default.
API: Addition of attach_interface and detach_interface.
lxc-device: Now a C binary installed by default.
lxc-config: Now supports querying lxc.cgroup.use pattern.
lxc-start-ephemeral: Add new --cdir option (copy-on-write mounts).
core: lxc.include now allows including directories.
core: A new common.conf.d configuration directory is available for users
and packages to drop configuration snippets to be applied to all
core: The container_ttys environment variable is now set by LXC.
1.0.731 Jan 2015 11:05
Include network prefix when ipv4/ipv6 keys are queried.
apparmor: silence 'silent' mount denials.
add file/func/line to debug info.
apparmor: restrict signal and ptrace for processes.
cgmanager: several fixes.
lxc: don't call pivot_root if / is on a ramfs.
fix lxc.mount.auto clearing.
conf.c: Define MS_PRIVATE for Android.
network: convert param ifname to const..
network: check result of if_nametoindex()..
network: allow lxc_network_move_by_index() rename netdev in moving..
network: introduce a interface named lxc_netdev_isup()..
lxccontainer.c: rename enter_to_ns to enter_net_ns.
lxc_global_config_value can return the default lxc.cgroup.pattern whether.
root or non-root.
do_rootfs_setup: fix return bugs.
lxc-start: don't re-try to mount rootfs if we already did so.
attach: don't use confstr(_CS_PATH).
lxc_global_config_value: simplify the theme.
Fixed mismatch on ipvX gateway.
attach: don't ignore sigint/sigkill if stdin is redirected.
cgmanager: fix 'attach' with "all" controller support.
lxc/utils: bugfix freed pointer return value.
conf.c: change 'instanciate' to 'instantiate'.
fix wrong nlmsg_len.
Remounts bind mounts if read-only flag is provided.
Allow lxc_clear_config_item to clear idmaps..
overlay and aufs clone_paths: be more robust.
overlayfs: overlayfs.v22 or higher needs workdir option.
Fix clone issues.
Improve veth error cases logging.
fixed typo in comment.
audit: added capacity and reserve() to nlmsg.
rmdir and lxc_unpriv returns non-negative error codes.