Toggle side navigation
Toggle side navigation

LXD

LXD

LXD is a next generation system container and virtual machine manager. It offers a unified user experience around full Linux systems running inside containers or virtual machines.

It’s image based with pre-made images available for a wide number of Linux distributions and is built around a very powerful, yet pretty simple, REST API.

To get a better idea of what LXD is and what it does, you can try it online! Then if you want to run it locally, take a look at our getting started guide.

Release announcements can be found here: https://linuxcontainers.org/lxd/news/

And the release tarballs here: https://linuxcontainers.org/lxd/downloads/

The documentation is here: https://linuxcontainers.org/lxd/docs/master/

Status

Type

Service

Status

CI (client)

GitHub

Build Status

CI (server)

Jenkins

Build Status

Go documentation

Godoc

GoDoc

Static analysis

GoReport

Go Report Card

Translations

Weblate

Translation status

Project status

CII Best Practices

CII Best Practices

Security

LXD, similar to other container and VM managers provides a UNIX socket for local communication.

WARNING: Anyone with access to that socket can fully control LXD, which includes the ability to attach host devices and filesystems, this should therefore only be given to users who would be trusted with root access to the host.

When listening on the network, the same API is available on a TLS socket (HTTPS), specific access on the remote API can be restricted through Canonical RBAC.

More details are available here.

Bug reports

Bug reports and Feature requests can be filed at: https://github.com/lxc/lxd/issues/new

Contributing

Fixes and new features are greatly appreciated but please read our contributing guidelines first.

Support and discussions

Forum

A discussion forum is available at: https://discuss.linuxcontainers.org

Mailing-lists

We use the LXC mailing-lists for developer and user discussions, you can find and subscribe to those at: https://lists.linuxcontainers.org

IRC

If you prefer live discussions, you can find us in #lxc on irc.libera.chat.

Hacking on LXD

Directly using the REST API

The LXD REST API can be used locally via unauthenticated Unix socket or remotely via SSL encapsulated TCP.

Via Unix socket

curl --unix-socket /var/lib/lxd/unix.socket \
    -H "Content-Type: application/json" \
    -X POST \
    -d @hello-ubuntu.json \
    lxd/1.0/containers

or for snap users:

curl --unix-socket /var/snap/lxd/common/lxd/unix.socket \
    -H "Content-Type: application/json" \
    -X POST \
    -d @hello-ubuntu.json \
    lxd/1.0/containers

Via TCP

TCP requires some additional configuration and is not enabled by default.

lxc config set core.https_address "[::]:8443"

curl -k -L \
    --cert ~/.config/lxc/client.crt \
    --key ~/.config/lxc/client.key \
    -H "Content-Type: application/json" \
    -X POST \
    -d @hello-ubuntu.json \
    "https://127.0.0.1:8443/1.0/containers"

JSON payload

The hello-ubuntu.json file referenced above could contain something like:

{
    "name":"some-ubuntu",
    "ephemeral":true,
    "config":{
        "limits.cpu":"2"
    },
    "source": {
        "type":"image",
        "mode":"pull",
        "protocol":"simplestreams",
        "server":"https://cloud-images.ubuntu.com/releases",
        "alias":"18.04"
    }
}