@AmitSahastra AmitSahastra commented Jul 23, 2025

LXD Initializer DaemonSet for Secure VM Host Provisioning

Overview

This PR introduces a Kubernetes DaemonSet approach for LXD initialization and VM host registration. This approach addresses a critical reviewer comment about direct LXD socket access from the CAPMaaS controller and improves security and scalability in distributed environments.

Key Changes

  • Added lxd-initializer DaemonSet that runs on each node to initialize LXD and register the node as a VM host with MAAS
  • Updated pkg/maas/lxd/host.go to use MAAS API exclusively for VM host operations
  • Enhanced pkg/maas/vmhosts package with comprehensive MAAS API client for VM host management
  • Removed all direct LXD socket access from the CAPMaaS controller
  • Added documentation for DaemonSet integration

Architecture

The new architecture separates concerns:

  1. LXD Initializer DaemonSet: Runs on each node to initialize LXD and register with MAAS
  2. CAPMaaS Controller: Uses MAAS API to create and manage VMs on registered VM hosts

This approach complements the existing LXD provisioning work by providing a secure and scalable method for LXD initialization while maintaining the comprehensive VM provisioning capabilities.

Benefits

  • Security: No direct LXD socket access from controller
  • Scalability: Works correctly in distributed environments
  • Separation of Concerns: Clear separation between node-side initialization and controller-side VM provisioning
  • API-Based: Uses MAAS API for all operations, no CLI commands

Testing

  • Tested LXD initialization on Ubuntu 22.04 with LXD 5.x
  • Verified VM host registration with MAAS API
  • Confirmed compatibility with existing VM provisioning workflow

Documentation

  • Added lxd-initializer/README.md with setup and usage instructions
  • Added lxd-initializer/integration.md with integration guide
  • Added lxd-initializer/SUMMARY.md with architectural overview

@AmitSahastra AmitSahastra marked this pull request as ready for review August 11, 2025 13:53