Skip to content

LinuxSecurityModules/lxd

 
 

Repository files navigation

LXD

LXD

LXD is a modern, secure and powerful system container and virtual machine manager.

It provides a unified experience for running and managing full Linux systems inside containers or virtual machines. LXD supplies images for a wide number of Linux distributions and is built around a very powerful, yet pretty simple, REST API. LXD scales from one instance on a single machine to a cluster in a full data center rack, making it suitable for running workloads both for development and in production.

LXD allows you to easily set up a system that feels like a small private cloud. You can run any type of workload in an efficient way while keeping your resources optimized.

You should consider using LXD if you want to containerize different environments or run virtual machines, or in general run and manage your infrastructure in a cost-effective way.

Get started

To get a better idea of what LXD is and what it does, you can try it online! Then if you want to run it locally, take a look at our getting started guide.

Status

Type Service Status
CI (client) GitHub Build Status
CI (server) Jenkins Build Status
Go documentation Godoc GoDoc
Static analysis GoReport Go Report Card
Translations Weblate Translation status
Project status CII Best Practices CII Best Practices

Installing LXD from packages

The LXD daemon only works on Linux but the client tool (lxc) is available on most platforms.

OS Format Command
Linux Snap snap install lxd
Windows Chocolatey choco install lxc
macOS Homebrew brew install lxc

More instructions on installing LXD for a wide variety of Linux distributions and operating systems can be found on our website.

To install LXD from source, see Installing LXD in the documentation.

Security

Consider the following aspects to ensure that your LXD installation is secure:

  • Keep your operating system up-to-date and install all available security patches.
  • Use only supported LXD versions (LTS releases or monthly feature releases).
  • Restrict access to the LXD daemon and the remote API.
  • Do not use privileged containers unless required. If you use privileged containers, put appropriate security measures in place. See the LXC security page for more information.
  • Configure your network interfaces to be secure.

See Security for detailed information.

IMPORTANT:

Local access to LXD through the Unix socket always grants full access to LXD. This includes the ability to attach file system paths or devices to any instance as well as tweak the security features on any instance.

Therefore, you should only give such access to users who you'd trust with root access to your system.

Support and community

The following channels are available for you to interact with the LXD community.

Bug reports

You can file bug reports and feature requests at: https://github.com/lxc/lxd/issues/new

Forum

A discussion forum is available at: https://discuss.linuxcontainers.org

Mailing lists

We use the LXC mailing lists for developer and user discussions. You can find and subscribe to those at: https://lists.linuxcontainers.org

IRC

If you prefer live discussions, you can find us in #lxc on irc.libera.chat. See Getting started with IRC if needed.

Commercial support

Commercial support for LXD can be obtained through Canonical Ltd.

Documentation

The official documentation is available at: https://linuxcontainers.org/lxd/docs/latest/

You can find additional resources on the website, on YouTube and in the Tutorials section in the forum.

Contributing

Fixes and new features are greatly appreciated. Make sure to read our contributing guidelines first!

About

Powerful system container and virtual machine manager

Resources

License

Code of conduct

Security policy

Stars

Watchers

Forks

Packages

No packages published

Languages

  • Go 88.7%
  • Shell 8.4%
  • C 2.5%
  • Python 0.2%
  • Makefile 0.1%
  • HTML 0.1%