The Incus team is pleased to announce the release of Incus 6.23!
This release is going to be our last 6.x release before Incus 7.0 LTS which is due out on April 30th.
It’s also quite a busy release with a good mix of security issues (mostly thanks to an ongoing analysis by 7asecurity), bug fixes and performance improvements and then a very good selection of features from expanding our OS support for VMs to adding more flexible instance storage with dependent volumes!
And as always, my company is offering commercial support on Incus, ranging from by-the-hour support contracts to one-off services on things like initial migration from LXD, review of your deployment to squeeze the most out of Incus or even feature sponsorship. You’ll find all details of that here: https://zabbly.com/incus
Donations towards my work on this and other open source projects is also always appreciated, you can find me on Github Sponsors, Patreon and Ko-fi.
The Linux Containers project maintains Long Term Support (LTS) releases for its core projects. Those come with 5 years of support from upstream with the first two years including bugfixes, minor improvements and security fixes and the remaining 3 years getting only security fixes.
This is now the sixth round of bugfix releases for LXC, LXCFS and Incus 6.0 LTS.
LXC
LXC is the oldest Linux Containers project and the basis for almost every other one of our projects. This low-level container runtime and library was first released in August 2008, led to the creation of projects like Docker and today is still actively used directly or indirectly on millions of systems.
Improved systemd scope handling for unprivileged containers
Added support for OpenRC as an init system
Fixed a data transfer race in the attach logic when using io_uring
Fixed handling of lxc.cap.keep and lxc.cap.drop in configuration
LXCFS
LXCFS is a FUSE filesystem used to workaround some shortcomings of the Linux kernel when it comes to reporting available system resources to processes running in containers. The project started in late 2014 and is still actively used by Incus today as well as by some Docker and Kubernetes users.
Fix issue causing the cgroup2 mount flags to be changed on startup
Incus
Incus is our most actively developed project. This virtualization platform is just over a year old but has already seen over 3500 commits by over 120 individual contributors. Its first LTS release made it usable in production environments and significantly boosted its user base.
Override-able configuration and devices on backup import
database-client cluster role
Support for parent=none on OVN uplink networks
Cluster groups in configuration preseed
Systemd credentials
Storage volume file operations
Export of ISO volumes
BPF token delegation
MacOS support for the Incus agent
VirtIO sound card in VMs
Support for detaching USB devices without removing them
dns.mode for OVN network
Configurable MAC address patterns
Extended IncusOS CLI
Initial SELinux support
Improved Windows agent support
Serial devices in the resources API
Bandwidth limits on OVN NICs
Support for multi-object deletion in most CLI commands
Ability to turn off passthrough of PCI firmware to VM
PKCS12 generation in the CLI
Option for raw units in CLI CSV output
QCOW2 formatted volumes on clustered LVM
Standalone incus cluster join command
Configuration file for the VM agent
Reverse DNS records in OVN
incus wait command
Automatic SR-IOV selection for network interfaces
attached and connected properties on network interfaces
Parallel instance startup
Network restrictions through OIDC claims
Better support for the SOA in network zones
Support for forceful (recursive) file deletion in API
vsock support for the WIndows agent
Direct backup retrieval
Disk-only snapshot restoration
Dedicated storage volume for server logs
QCOW2 storage improvements
lvmcluster storage pool resizing
Automatic snapshot removal on restore with lvmcluster
Full USB controller passthrough in unix-hotplug
Certificate information in the authorization scriptlet
VM fast reboot
Image server URL restrictions in projects
URL based imports in incus-migrate
Multi-domain certificates with ACME
Control of trusted property on SR-IOV NICs
Additional cluster member states to track evacuation
Cluster restore without instance migration
Instance boot time metrics
What’s next?
We’re expecting one last round of LTS bugfix release for the 6.0 branches around May/June 2026 following the release of the 7.0 LTS in April 2026. After that, the 6.0 branches will be in security-only maintenance mode for the remaining three year of support while we focus our bugfix and improvements efforts on the 7.0 branches.
The Incus team is pleased to announce the release of Incus 6.22!
This is quite the busy release with a lot of changes all across the board on top of a large quantities of bugfixes. There should be something for everyone!
On the feature front, the highlights for this release are:
vsock support for the WIndows agent
Direct backup retrieval
Disk-only snapshot restoration
Dedicated storage volume for server logs
QCOW2 storage improvements
lvmcluster storage pool resizing
Automatic snapshot removal on restore with lvmcluster
Full USB controller passthrough in unix-hotplug
Certificate information in the authorization scriptlet
VM fast reboot
Image server URL restrictions in projects
URL based imports in incus-migrate
Multi-domain certificates with ACME
Control of trusted property on SR-IOV NICs
Additional cluster member states to track evacuation
Cluster restore without instance migration
Instance boot time metrics
The full announcement and changelog can be found here. And for those who prefer videos, here’s the release overview video:
And as always, my company is offering commercial support on Incus, ranging from by-the-hour support contracts to one-off services on things like initial migration from LXD, review of your deployment to squeeze the most out of Incus or even feature sponsorship. You’ll find all details of that here: https://zabbly.com/incus
Donations towards my work on this and other open source projects is also always appreciated, you can find me on Github Sponsors, Patreon and Ko-fi.
The Incus team is pleased to announce the release of Incus 6.21!
We’re starting 2026 with a couple of security fixes, but that’s not all, we’re also introducing some long requested CLI improvements, made SR-IOV easier to use with network cards, improved startup performance and more!
This release includes two security fixes:
CVE-2026-23953 (Newline injection in environment variable)
CVE-2026-23954 (Arbitrary file read/write through templates)
On the feature front, the highlights for this release are:
New “incus wait” command
Automatic SR-IOV network VF selection
Support for detaching and disconnecting network interfaces
Parallel instance startup
Source subnet restrictions through OIDC claims
Better DNS SOA handling in network zones
Forceful (recursive) directory deletion in file REST API
The full announcement and changelog can be found here. And for those who prefer videos, here’s the release overview video:
And as always, my company is offering commercial support on Incus, ranging from by-the-hour support contracts to one-off services on things like initial migration from LXD, review of your deployment to squeeze the most out of Incus or even feature sponsorship. You’ll find all details of that here: https://zabbly.com/incus
Donations towards my work on this and other open source projects is also always appreciated, you can find me on Github Sponsors, Patreon and Ko-fi.
And as always, my company is offering commercial support on Incus, ranging from by-the-hour support contracts to one-off services on things like initial migration from LXD, review of your deployment to squeeze the most out of Incus or even feature sponsorship. You’ll find all details of that here: https://zabbly.com/incus
Donations towards my work on this and other open source projects is also always appreciated, you can find me on Github Sponsors, Patreon and Ko-fi.
Github
Twitter
LinkedIn
Mastodon
RSS feed