The first version of Incus, the community project working on a fork of Canonical's so-called LXD "containervisor," is here.

The release announcement for Incus 0.1 says that this version is "roughly equivalent to LXD 5.18, but with a number of breaking changes on top of the obvious rename."

LXD 5.18 is the latest version at the time of writing, released about three weeks ago. From the release notes, this seems to be principally a maintenance and bugfix release.

As we reported back in August, Incus is a new fork of the Canonical LXD container manager, LXD, which followed closely upon Canonical's announcement that it was withdrawing LXD from the Linux Containers project and taking its development back in house. Although he didn't initiate the fork - as we reported last time, that was SUSE's Alexa Sarai - the Incus fork was created with the assistance of Canonical's former project lead, Stéphane Graber. As he also wrote this release announcement, he clearly remains closely involved.

The first release of Incus doesn't add any significant new functionality. Aside from renaming the program, for now the developers are focusing on removing some legacy cruft. For instance, LXD originally only supported containers; it acquired support for managing full virtual machines as well with version 4.0. This split was encoded in LXD's REST and Go APIs, with separate function prefixes for containers and VMs. That's now gone: both are merged under the prefix instances.

Many of the changes concern removing dependencies on Ubuntu and Canonical technologies and services. One of the Incus developers, Free Ekanayaka, originally developed Canonical's cluster-aware SQLite, Dqlite. He has forked that to create Cowsql, and Incus now uses that instead. Calls to Ubuntu's Fan inter-container networking system have been removed, as it isn't supported on any other distro.

The functionality of Ubuntu's own shiftfs kernel tool, which changes GID and UID values on the fly, has been largely replaced by support for ID-mapped mounts, which we mentioned was coming in kernel 6.2 last year. So, Incus is dropping support for the Ubuntu mechanism in favour of this more standard one. It has also dropped Ubuntu's Candid authentication service, replacing it with the more standard OpenFGA.

LXD works closely with Canonical's MaaS, or Metal as a Service. For instance, MaaS uses its own role-based access control system. MaaS integration has gone too. However, there isn't a replacement for the RBAC functionality yet, although the plan is to use OpenFGA for this as well.

There are some other, smaller changes here too, less directly connected with disentangling Incus from Ubuntu and Canonical.

To judge from comments we've seen in various communities, LXD was one of Canonical's more popular technologies - although we've also seen many people confused by the difference between LXD and its parent project LXC, as we discussed when it reabsorbed the project. While theoretically containers are used for conceptually clean microservices designs, real life is rarely that simple. This can cause issues with existing container tools, as Red Hat's Scott McCarty has discussed in depth. LXD embraces this, and aims to make it easier to manage containers as if they were VMs. A more distro-neutral version of this can only be a good thing for the wider Linux community - and it might also serve to slap Canonical on the wrist for keeping stuff rather more private and proprietary than the Linux world likes. ®

Bootnote

If you want to play with Incus without installing anything, the developers have a free public test server which needs no account or sign-in on this page.

https://www.theregister.com//2023/10/10/incus_01_lxd_fork/