/
snap
/
lxd
/
current
/
share
/
lxd-documentation
/
explanation
/
projects
/
File Upload :
llllll
Current File: //snap/lxd/current/share/lxd-documentation/explanation/projects/index.html
<!doctype html> <html class="no-js" lang="en" data-content_root="../../"> <head><meta charset="utf-8"/> <meta name="viewport" content="width=device-width,initial-scale=1"/> <meta name="color-scheme" content="light dark"><meta name="viewport" content="width=device-width, initial-scale=1" /> <meta property="og:title" content="Instances grouping with projects" /> <meta property="og:type" content="website" /> <meta property="og:url" content="https://documentation.ubuntu.com/lxd/latest/explanation/projects/" /> <meta property="og:site_name" content="LXD documentation" /> <meta property="og:description" content="You can use projects to keep your LXD server clean by grouping related instances together. In addition to isolated instances, each project can also have specific images, profiles, networks, and sto..." /> <meta property="og:image" content="https://documentation.ubuntu.com/lxd/latest/_static/tag.png" /> <meta property="og:image:alt" content="LXD documentation" /> <meta name="description" content="You can use projects to keep your LXD server clean by grouping related instances together. In addition to isolated instances, each project can also have specific images, profiles, networks, and sto..." /> <link rel="index" title="Index" href="../../genindex/" /><link rel="search" title="Search" href="../../search/" /><link rel="next" title="Clusters" href="../clusters/" /><link rel="prev" title="Remote API authorization" href="../authorization/" /> <link rel="canonical" href="https://documentation.ubuntu.com/lxd/explanation/projects/" /> <link rel="shortcut icon" href="../../_static/favicon.ico"/><!-- Generated with Sphinx 8.2.3 and Furo 2025.07.19 --> <title>Instances grouping with projects</title> <link rel="stylesheet" type="text/css" href="../../_static/pygments.css?v=d111a655" /> <link rel="stylesheet" type="text/css" href="../../_static/styles/furo.css?v=25af2a20" /> <link rel="stylesheet" type="text/css" href="../../_static/copybutton.css?v=76b2166b" /> <link rel="stylesheet" type="text/css" href="../../_static/youtube.css" /> <link rel="stylesheet" type="text/css" href="../../_static/related-links.css" /> <link rel="stylesheet" type="text/css" href="../../_static/terminal-output.css" /> <link rel="stylesheet" type="text/css" href="../../_static/config-options.css" /> <link rel="stylesheet" type="text/css" href="../../_static/sphinx-design.min.css?v=95c83b7e" /> <link rel="stylesheet" type="text/css" href="../../_static/styles/furo-extensions.css?v=8dab3a3b" /> <link rel="stylesheet" type="text/css" href="../../_static/custom.css?v=66d86e9d" /> <link rel="stylesheet" type="text/css" href="../../_static/header.css?v=84f70f09" /> <link rel="stylesheet" type="text/css" href="../../_static/github_issue_links.css?v=af88fb93" /> <link rel="stylesheet" type="text/css" href="../../_static/furo_colors.css?v=c4ccdb8a" /> <link rel="stylesheet" type="text/css" href="../../_static/footer.css?v=bd05fc90" /> <link rel="stylesheet" type="text/css" href="../../_static/cookie-banner.css?v=b74831ab" /> </head> <body> <header id="header" class="p-navigation"> <script type="module" src="../../_static/js/bundle.js"> </script> <!-- Google Tag Manager --> <script> (function(w, d, s, l, i) { w[l] = w[l] || []; w[l].push({ 'gtm.start': new Date().getTime(), event: 'gtm.js' }); var f = d.getElementsByTagName(s)[0]; var j = d.createElement(s); var dl = ''; if (l != 'dataLayer') { dl = '&l=' + l; } j.async = true; j.src = 'https://www.googletagmanager.com/gtm.js?id=' + i + dl; f.parentNode.insertBefore(j, f); })(window, document, 'script', 'dataLayer', 'GTM-KNX3CJC'); </script> <div class="p-navigation__nav" role="menubar"> <ul class="p-navigation__links" role="menu"> <li> <a class="p-logo" href="https://canonical.com/lxd" aria-current="page"> <img src="../../_static/tag.png" alt="Logo" class="p-logo-image"> <div class="p-logo-text p-heading--4">LXD </div> </a> </li> <li class="nav-ubuntu-com"> <a href="https://canonical.com/lxd" class="p-navigation__link">canonical.com/lxd</a> </li> <li> <a href="#" class="p-navigation__link nav-more-links">More resources</a> <ul class="more-links-dropdown"> <li> <a href="https://ubuntu.com/lxd/install/" class="p-navigation__sub-link p-dropdown__link">Install LXD</a> </li> <li> <a href="https://ubuntu.com/lxd/manage/" class="p-navigation__sub-link p-dropdown__link">Manage LXD</a> </li> <li> <a href="https://discourse.ubuntu.com/c/lxd/" class="p-navigation__sub-link p-dropdown__link">Forum</a> </li> <li> <a href="https://github.com/canonical/lxd" class="p-navigation__sub-link p-dropdown__link">GitHub</a> </li> </ul> </li> </ul> </div> </header> <script> document.body.dataset.theme = localStorage.getItem("theme") || "auto"; </script> <svg xmlns="http://www.w3.org/2000/svg" style="display: none;"> <symbol id="svg-toc" viewBox="0 0 24 24"> <title>Contents</title> <svg stroke="currentColor" fill="currentColor" stroke-width="0" viewBox="0 0 1024 1024"> <path d="M408 442h480c4.4 0 8-3.6 8-8v-56c0-4.4-3.6-8-8-8H408c-4.4 0-8 3.6-8 8v56c0 4.4 3.6 8 8 8zm-8 204c0 4.4 3.6 8 8 8h480c4.4 0 8-3.6 8-8v-56c0-4.4-3.6-8-8-8H408c-4.4 0-8 3.6-8 8v56zm504-486H120c-4.4 0-8 3.6-8 8v56c0 4.4 3.6 8 8 8h784c4.4 0 8-3.6 8-8v-56c0-4.4-3.6-8-8-8zm0 632H120c-4.4 0-8 3.6-8 8v56c0 4.4 3.6 8 8 8h784c4.4 0 8-3.6 8-8v-56c0-4.4-3.6-8-8-8zM115.4 518.9L271.7 642c5.8 4.6 14.4.5 14.4-6.9V388.9c0-7.4-8.5-11.5-14.4-6.9L115.4 505.1a8.74 8.74 0 0 0 0 13.8z"/> </svg> </symbol> <symbol id="svg-menu" viewBox="0 0 24 24"> <title>Menu</title> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather-menu"> <line x1="3" y1="12" x2="21" y2="12"></line> <line x1="3" y1="6" x2="21" y2="6"></line> <line x1="3" y1="18" x2="21" y2="18"></line> </svg> </symbol> <symbol id="svg-arrow-right" viewBox="0 0 24 24"> <title>Expand</title> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather-chevron-right"> <polyline points="9 18 15 12 9 6"></polyline> </svg> </symbol> <symbol id="svg-sun" viewBox="0 0 24 24"> <title>Light mode</title> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="1" stroke-linecap="round" stroke-linejoin="round" class="feather-sun"> <circle cx="12" cy="12" r="5"></circle> <line x1="12" y1="1" x2="12" y2="3"></line> <line x1="12" y1="21" x2="12" y2="23"></line> <line x1="4.22" y1="4.22" x2="5.64" y2="5.64"></line> <line x1="18.36" y1="18.36" x2="19.78" y2="19.78"></line> <line x1="1" y1="12" x2="3" y2="12"></line> <line x1="21" y1="12" x2="23" y2="12"></line> <line x1="4.22" y1="19.78" x2="5.64" y2="18.36"></line> <line x1="18.36" y1="5.64" x2="19.78" y2="4.22"></line> </svg> </symbol> <symbol id="svg-moon" viewBox="0 0 24 24"> <title>Dark mode</title> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="1" stroke-linecap="round" stroke-linejoin="round" class="icon-tabler-moon"> <path stroke="none" d="M0 0h24v24H0z" fill="none" /> <path d="M12 3c.132 0 .263 0 .393 0a7.5 7.5 0 0 0 7.92 12.446a9 9 0 1 1 -8.313 -12.454z" /> </svg> </symbol> <symbol id="svg-sun-with-moon" viewBox="0 0 24 24"> <title>Auto light/dark, in light mode</title> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="1" stroke-linecap="round" stroke-linejoin="round" class="icon-custom-derived-from-feather-sun-and-tabler-moon"> <path style="opacity: 50%" d="M 5.411 14.504 C 5.471 14.504 5.532 14.504 5.591 14.504 C 3.639 16.319 4.383 19.569 6.931 20.352 C 7.693 20.586 8.512 20.551 9.25 20.252 C 8.023 23.207 4.056 23.725 2.11 21.184 C 0.166 18.642 1.702 14.949 4.874 14.536 C 5.051 14.512 5.231 14.5 5.411 14.5 L 5.411 14.504 Z"/> <line x1="14.5" y1="3.25" x2="14.5" y2="1.25"/> <line x1="14.5" y1="15.85" x2="14.5" y2="17.85"/> <line x1="10.044" y1="5.094" x2="8.63" y2="3.68"/> <line x1="19" y1="14.05" x2="20.414" y2="15.464"/> <line x1="8.2" y1="9.55" x2="6.2" y2="9.55"/> <line x1="20.8" y1="9.55" x2="22.8" y2="9.55"/> <line x1="10.044" y1="14.006" x2="8.63" y2="15.42"/> <line x1="19" y1="5.05" x2="20.414" y2="3.636"/> <circle cx="14.5" cy="9.55" r="3.6"/> </svg> </symbol> <symbol id="svg-moon-with-sun" viewBox="0 0 24 24"> <title>Auto light/dark, in dark mode</title> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="1" stroke-linecap="round" stroke-linejoin="round" class="icon-custom-derived-from-feather-sun-and-tabler-moon"> <path d="M 8.282 7.007 C 8.385 7.007 8.494 7.007 8.595 7.007 C 5.18 10.184 6.481 15.869 10.942 17.24 C 12.275 17.648 13.706 17.589 15 17.066 C 12.851 22.236 5.91 23.143 2.505 18.696 C -0.897 14.249 1.791 7.786 7.342 7.063 C 7.652 7.021 7.965 7 8.282 7 L 8.282 7.007 Z"/> <line style="opacity: 50%" x1="18" y1="3.705" x2="18" y2="2.5"/> <line style="opacity: 50%" x1="18" y1="11.295" x2="18" y2="12.5"/> <line style="opacity: 50%" x1="15.316" y1="4.816" x2="14.464" y2="3.964"/> <line style="opacity: 50%" x1="20.711" y1="10.212" x2="21.563" y2="11.063"/> <line style="opacity: 50%" x1="14.205" y1="7.5" x2="13.001" y2="7.5"/> <line style="opacity: 50%" x1="21.795" y1="7.5" x2="23" y2="7.5"/> <line style="opacity: 50%" x1="15.316" y1="10.184" x2="14.464" y2="11.036"/> <line style="opacity: 50%" x1="20.711" y1="4.789" x2="21.563" y2="3.937"/> <circle style="opacity: 50%" cx="18" cy="7.5" r="2.169"/> </svg> </symbol> <symbol id="svg-pencil" viewBox="0 0 24 24"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="1" stroke-linecap="round" stroke-linejoin="round" class="icon-tabler-pencil-code"> <path d="M4 20h4l10.5 -10.5a2.828 2.828 0 1 0 -4 -4l-10.5 10.5v4" /> <path d="M13.5 6.5l4 4" /> <path d="M20 21l2 -2l-2 -2" /> <path d="M17 17l-2 2l2 2" /> </svg> </symbol> <symbol id="svg-eye" viewBox="0 0 24 24"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="1" stroke-linecap="round" stroke-linejoin="round" class="icon-tabler-eye-code"> <path stroke="none" d="M0 0h24v24H0z" fill="none" /> <path d="M10 12a2 2 0 1 0 4 0a2 2 0 0 0 -4 0" /> <path d="M11.11 17.958c-3.209 -.307 -5.91 -2.293 -8.11 -5.958c2.4 -4 5.4 -6 9 -6c3.6 0 6.6 2 9 6c-.21 .352 -.427 .688 -.647 1.008" /> <path d="M20 21l2 -2l-2 -2" /> <path d="M17 17l-2 2l2 2" /> </svg> </symbol> </svg> <input type="checkbox" class="sidebar-toggle" name="__navigation" id="__navigation"> <input type="checkbox" class="sidebar-toggle" name="__toc" id="__toc"> <label class="overlay sidebar-overlay" for="__navigation"> <div class="visually-hidden">Hide navigation sidebar</div> </label> <label class="overlay toc-overlay" for="__toc"> <div class="visually-hidden">Hide table of contents sidebar</div> </label> <a class="skip-to-content muted-link" href="#furo-main-content">Skip to content</a> <div class="page"> <header class="mobile-header"> <div class="header-left"> <label class="nav-overlay-icon" for="__navigation"> <div class="visually-hidden">Toggle site navigation sidebar</div> <i class="icon"><svg><use href="#svg-menu"></use></svg></i> </label> </div> <div class="header-center"> <a href="../../"><div class="brand">LXD</div></a> </div> <div class="header-right"> <div class="theme-toggle-container theme-toggle-header"> <button class="theme-toggle"> <div class="visually-hidden">Toggle Light / Dark / Auto color theme</div> <svg class="theme-icon-when-auto-light"><use href="#svg-sun-with-moon"></use></svg> <svg class="theme-icon-when-auto-dark"><use href="#svg-moon-with-sun"></use></svg> <svg class="theme-icon-when-dark"><use href="#svg-moon"></use></svg> <svg class="theme-icon-when-light"><use href="#svg-sun"></use></svg> </button> </div> <label class="toc-overlay-icon toc-header-icon" for="__toc"> <div class="visually-hidden">Toggle table of contents sidebar</div> <i class="icon"><svg><use href="#svg-toc"></use></svg></i> </label> </div> </header> <aside class="sidebar-drawer"> <div class="sidebar-container"> <div class="sidebar-sticky"><a class="sidebar-brand" href="../../"> </a><form class="sidebar-search-container" method="get" action="../../search/" role="search"> <input class="sidebar-search" placeholder="Search" name="q" aria-label="Search"> <input type="submit" value="Go"> <input type="hidden" name="check_keywords" value="yes"> <input type="hidden" name="area" value="default"> </form> <div id="searchbox"></div><div class="sidebar-scroll"><div class="sidebar-tree"> <ul class="current"> <li class="toctree-l1"><a class="reference internal" href="../../">LXD</a></li> <li class="toctree-l1 has-children"><a class="reference internal" href="../../tutorial/">Tutorials</a><input class="toctree-checkbox" id="toctree-checkbox-1" name="toctree-checkbox-1" role="switch" type="checkbox"/><label for="toctree-checkbox-1"><div class="visually-hidden">Toggle navigation of Tutorials</div><i class="icon"><svg><use href="#svg-arrow-right"></use></svg></i></label><ul> <li class="toctree-l2"><a class="reference internal" href="../../tutorial/first_steps/">First steps with LXD</a></li> <li class="toctree-l2"><a class="reference internal" href="../../tutorial/ui/">Getting started with the UI</a></li> </ul> </li> <li class="toctree-l1 has-children"><a class="reference internal" href="../../howto/">How-to guides</a><input class="toctree-checkbox" id="toctree-checkbox-2" name="toctree-checkbox-2" role="switch" type="checkbox"/><label for="toctree-checkbox-2"><div class="visually-hidden">Toggle navigation of How-to guides</div><i class="icon"><svg><use href="#svg-arrow-right"></use></svg></i></label><ul> <li class="toctree-l2 has-children"><a class="reference internal" href="../../getting_started/">Getting started</a><input class="toctree-checkbox" id="toctree-checkbox-3" name="toctree-checkbox-3" role="switch" type="checkbox"/><label for="toctree-checkbox-3"><div class="visually-hidden">Toggle navigation of Getting started</div><i class="icon"><svg><use href="#svg-arrow-right"></use></svg></i></label><ul> <li class="toctree-l3"><a class="reference internal" href="../../installing/">Install LXD</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/initialize/">Initialize LXD</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/access_ui/">Access the UI</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/access_documentation/">Access documentation locally</a></li> </ul> </li> <li class="toctree-l2 has-children"><a class="reference internal" href="../../operation/">LXD server and client</a><input class="toctree-checkbox" id="toctree-checkbox-4" name="toctree-checkbox-4" role="switch" type="checkbox"/><label for="toctree-checkbox-4"><div class="visually-hidden">Toggle navigation of LXD server and client</div><i class="icon"><svg><use href="#svg-arrow-right"></use></svg></i></label><ul> <li class="toctree-l3"><a class="reference internal" href="../../howto/server_expose/">Expose LXD to the network</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/server_configure/">Configure the LXD server</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/oidc_auth0/">Configure OIDC authentication with Auth0</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/oidc_ory/">Configure OIDC authentication with Ory Hydra</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/oidc_keycloak/">Configure OIDC authentication with Keycloak</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/oidc_entra_id/">Configure OIDC authentication with Microsoft Entra ID</a></li> <li class="toctree-l3"><a class="reference internal" href="../../remotes/">Add remote servers</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/lxc_alias/">Add command aliases</a></li> </ul> </li> <li class="toctree-l2 has-children"><a class="reference internal" href="../../instances/">Instances</a><input class="toctree-checkbox" id="toctree-checkbox-5" name="toctree-checkbox-5" role="switch" type="checkbox"/><label for="toctree-checkbox-5"><div class="visually-hidden">Toggle navigation of Instances</div><i class="icon"><svg><use href="#svg-arrow-right"></use></svg></i></label><ul> <li class="toctree-l3"><a class="reference internal" href="../../howto/instances_create/">Create instances</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/instances_configure/">Configure instances</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/instances_manage/">Manage instances</a></li> <li class="toctree-l3"><a class="reference internal" href="../../profiles/">Use profiles</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/instances_troubleshoot/">Troubleshoot errors</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/instances_ubuntu_pro_attach/">Auto attach Ubuntu Pro</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/instances_access_files/">Access files</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/instances_console/">Access the console</a></li> <li class="toctree-l3"><a class="reference internal" href="../../instance-exec/">Run commands</a></li> <li class="toctree-l3"><a class="reference internal" href="../../cloud-init/">Use cloud-init</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/instances_routed_nic_vm/">Add a routed NIC to a VM</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/instances_backup/">Back up instances</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/instances_migrate/">Migrate instances</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/import_machines_to_instances/">Import existing machines</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/container_gpu_passthrough_with_docker/">Pass NVIDIA GPUs</a></li> </ul> </li> <li class="toctree-l2 has-children"><a class="reference internal" href="../../images/">Images</a><input class="toctree-checkbox" id="toctree-checkbox-6" name="toctree-checkbox-6" role="switch" type="checkbox"/><label for="toctree-checkbox-6"><div class="visually-hidden">Toggle navigation of Images</div><i class="icon"><svg><use href="#svg-arrow-right"></use></svg></i></label><ul> <li class="toctree-l3"><a class="reference internal" href="../../howto/images_remote/">Use remote images</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/images_manage/">Manage images</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/images_profiles/">Associate profiles</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/images_copy/">Copy and import images</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/images_create/">Create images</a></li> </ul> </li> <li class="toctree-l2 has-children"><a class="reference internal" href="../../projects/">Projects</a><input class="toctree-checkbox" id="toctree-checkbox-7" name="toctree-checkbox-7" role="switch" type="checkbox"/><label for="toctree-checkbox-7"><div class="visually-hidden">Toggle navigation of Projects</div><i class="icon"><svg><use href="#svg-arrow-right"></use></svg></i></label><ul> <li class="toctree-l3"><a class="reference internal" href="../../howto/projects_create/">Create and configure</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/projects_work/">Work with projects</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/projects_confine/">Confine users to projects</a></li> </ul> </li> <li class="toctree-l2 has-children"><a class="reference internal" href="../../storage/">Storage</a><input class="toctree-checkbox" id="toctree-checkbox-8" name="toctree-checkbox-8" role="switch" type="checkbox"/><label for="toctree-checkbox-8"><div class="visually-hidden">Toggle navigation of Storage</div><i class="icon"><svg><use href="#svg-arrow-right"></use></svg></i></label><ul> <li class="toctree-l3"><a class="reference internal" href="../../howto/storage_pools/">Manage pools</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/storage_volumes/">Manage volumes</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/storage_buckets/">Manage buckets</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/storage_create_instance/">Create an instance in a pool</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/storage_backup_volume/">Back up a volume</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/storage_move_volume/">Move or copy a volume</a></li> </ul> </li> <li class="toctree-l2 has-children"><a class="reference internal" href="../../networks/">Networking</a><input class="toctree-checkbox" id="toctree-checkbox-9" name="toctree-checkbox-9" role="switch" type="checkbox"/><label for="toctree-checkbox-9"><div class="visually-hidden">Toggle navigation of Networking</div><i class="icon"><svg><use href="#svg-arrow-right"></use></svg></i></label><ul> <li class="toctree-l3"><a class="reference internal" href="../../howto/network_create/">Create a network</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/network_configure/">Configure a network</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/network_bgp/">Configure as BGP server</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/network_acls/">Configure network ACLs</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/network_forwards/">Configure forwards</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/network_zones/">Configure network zones</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/network_bridge_firewalld/">Configure your firewall</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/network_bridge_resolved/">Integrate with resolved</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/network_ovn_setup/">Set up OVN</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/network_load_balancers/">Configure load balancers</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/network_ovn_peers/">Configure peer routing</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/network_ipam/">Display IPAM information</a></li> </ul> </li> <li class="toctree-l2 has-children"><a class="reference internal" href="../../clustering/">Clustering</a><input class="toctree-checkbox" id="toctree-checkbox-10" name="toctree-checkbox-10" role="switch" type="checkbox"/><label for="toctree-checkbox-10"><div class="visually-hidden">Toggle navigation of Clustering</div><i class="icon"><svg><use href="#svg-arrow-right"></use></svg></i></label><ul> <li class="toctree-l3"><a class="reference internal" href="../../howto/cluster_form/">Form a cluster</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/cluster_manage/">Manage a cluster</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/cluster_config_networks/">Configure networks</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/cluster_config_storage/">Configure storage</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/cluster_manage_instance/">Manage instances</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/cluster_groups/">Set up cluster groups</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/cluster_recover/">Recover a cluster</a></li> </ul> </li> <li class="toctree-l2 has-children"><a class="reference internal" href="../../production-setup/">Production setup</a><input class="toctree-checkbox" id="toctree-checkbox-11" name="toctree-checkbox-11" role="switch" type="checkbox"/><label for="toctree-checkbox-11"><div class="visually-hidden">Toggle navigation of Production setup</div><i class="icon"><svg><use href="#svg-arrow-right"></use></svg></i></label><ul> <li class="toctree-l3"><a class="reference internal" href="../../howto/benchmark_performance/">Benchmark performance</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/network_increase_bandwidth/">Increase bandwidth</a></li> <li class="toctree-l3"><a class="reference internal" href="../../metrics/">Monitor metrics</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/logs_loki/">Send logs to Loki</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/grafana/">Set up Grafana</a></li> <li class="toctree-l3"><a class="reference internal" href="../../backup/">Back up a server</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/disaster_recovery/">Recover instances</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../howto/snap/">Manage the snap</a></li> <li class="toctree-l2 has-children"><a class="reference internal" href="../../howto/troubleshoot/">Troubleshooting</a><input class="toctree-checkbox" id="toctree-checkbox-12" name="toctree-checkbox-12" role="switch" type="checkbox"/><label for="toctree-checkbox-12"><div class="visually-hidden">Toggle navigation of Troubleshooting</div><i class="icon"><svg><use href="#svg-arrow-right"></use></svg></i></label><ul> <li class="toctree-l3"><a class="reference internal" href="../../howto/network_bridge_firewalld/">Configure your firewall</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/instances_troubleshoot/">Troubleshoot instances</a></li> <li class="toctree-l3"><a class="reference internal" href="../../howto/dqlite_troubleshoot/">Troubleshoot Dqlite</a></li> <li class="toctree-l3"><a class="reference internal" href="../../debugging/">Debug LXD</a></li> <li class="toctree-l3"><a class="reference internal" href="../../faq/">Frequently asked</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../support/">Get support</a></li> <li class="toctree-l2"><a class="reference internal" href="../../contributing/">Contribute to LXD</a></li> </ul> </li> <li class="toctree-l1 current has-children"><a class="reference internal" href="../">Explanation</a><input checked="" class="toctree-checkbox" id="toctree-checkbox-13" name="toctree-checkbox-13" role="switch" type="checkbox"/><label for="toctree-checkbox-13"><div class="visually-hidden">Toggle navigation of Explanation</div><i class="icon"><svg><use href="#svg-arrow-right"></use></svg></i></label><ul class="current"> <li class="toctree-l2"><a class="reference internal" href="../lxd_lxc/"><code class="docutils literal notranslate"><span class="pre">lxd</span></code> and <code class="docutils literal notranslate"><span class="pre">lxc</span></code></a></li> <li class="toctree-l2"><a class="reference internal" href="../instances/">Containers and VMs</a></li> <li class="toctree-l2"><a class="reference internal" href="../../image-handling/">Local and remote images</a></li> <li class="toctree-l2"><a class="reference internal" href="../storage/">Storage pools, volumes, and buckets</a></li> <li class="toctree-l2"><a class="reference internal" href="../networks/">Networking setups</a></li> <li class="toctree-l2"><a class="reference internal" href="../../database/">The LXD Dqlite database</a></li> <li class="toctree-l2"><a class="reference internal" href="../lxc_show_info/"><code class="docutils literal notranslate"><span class="pre">lxc</span></code> <code class="docutils literal notranslate"><span class="pre">show</span></code> and <code class="docutils literal notranslate"><span class="pre">info</span></code></a></li> <li class="toctree-l2"><a class="reference internal" href="../../authentication/">Remote API authentication</a></li> <li class="toctree-l2"><a class="reference internal" href="../authorization/">Remote API authorization</a></li> <li class="toctree-l2 current current-page"><a class="current reference internal" href="#">Instances grouping with projects</a></li> <li class="toctree-l2"><a class="reference internal" href="../clusters/">Clusters</a></li> <li class="toctree-l2"><a class="reference internal" href="../performance_tuning/">Performance tuning</a></li> <li class="toctree-l2"><a class="reference internal" href="../security/">Security</a></li> <li class="toctree-l2"><a class="reference internal" href="../bpf/">Privilege delegation using BPF Token</a></li> </ul> </li> <li class="toctree-l1 has-children"><a class="reference internal" href="../../reference/">Reference</a><input class="toctree-checkbox" id="toctree-checkbox-14" name="toctree-checkbox-14" role="switch" type="checkbox"/><label for="toctree-checkbox-14"><div class="visually-hidden">Toggle navigation of Reference</div><i class="icon"><svg><use href="#svg-arrow-right"></use></svg></i></label><ul> <li class="toctree-l2"><a class="reference internal" href="../../requirements/">Requirements</a></li> <li class="toctree-l2"><a class="reference internal" href="../../architectures/">Architectures</a></li> <li class="toctree-l2"><a class="reference internal" href="../../reference/releases-snap/">Releases and snap</a></li> <li class="toctree-l2"><a class="reference internal" href="../../reference/remote_image_servers/">Remote image servers</a></li> <li class="toctree-l2"><a class="reference internal" href="../../reference/image_format/">Image format</a></li> <li class="toctree-l2"><a class="reference internal" href="../../guest-os-compatibility/">Guest OS compatibility</a></li> <li class="toctree-l2"><a class="reference internal" href="../../container-environment/">Container environment</a></li> <li class="toctree-l2"><a class="reference internal" href="../../config-options/">Configuration option index</a></li> <li class="toctree-l2"><a class="reference internal" href="../../server/">Server configuration</a></li> <li class="toctree-l2 has-children"><a class="reference internal" href="../instance_config/">Instance configuration</a><input class="toctree-checkbox" id="toctree-checkbox-15" name="toctree-checkbox-15" role="switch" type="checkbox"/><label for="toctree-checkbox-15"><div class="visually-hidden">Toggle navigation of Instance configuration</div><i class="icon"><svg><use href="#svg-arrow-right"></use></svg></i></label><ul> <li class="toctree-l3"><a class="reference internal" href="../../reference/instance_properties/">Instance properties</a></li> <li class="toctree-l3"><a class="reference internal" href="../../reference/instance_options/">Instance options</a></li> <li class="toctree-l3 has-children"><a class="reference internal" href="../../reference/devices/">Devices</a><input class="toctree-checkbox" id="toctree-checkbox-16" name="toctree-checkbox-16" role="switch" type="checkbox"/><label for="toctree-checkbox-16"><div class="visually-hidden">Toggle navigation of Devices</div><i class="icon"><svg><use href="#svg-arrow-right"></use></svg></i></label><ul> <li class="toctree-l4"><a class="reference internal" href="../../reference/standard_devices/">Standard devices</a></li> <li class="toctree-l4"><a class="reference internal" href="../../reference/devices_none/">Type: <code class="docutils literal notranslate"><span class="pre">none</span></code></a></li> <li class="toctree-l4"><a class="reference internal" href="../../reference/devices_nic/">Type: <code class="docutils literal notranslate"><span class="pre">nic</span></code></a></li> <li class="toctree-l4"><a class="reference internal" href="../../reference/devices_disk/">Type: <code class="docutils literal notranslate"><span class="pre">disk</span></code></a></li> <li class="toctree-l4"><a class="reference internal" href="../../reference/devices_unix_char/">Type: <code class="docutils literal notranslate"><span class="pre">unix-char</span></code></a></li> <li class="toctree-l4"><a class="reference internal" href="../../reference/devices_unix_block/">Type: <code class="docutils literal notranslate"><span class="pre">unix-block</span></code></a></li> <li class="toctree-l4"><a class="reference internal" href="../../reference/devices_usb/">Type: <code class="docutils literal notranslate"><span class="pre">usb</span></code></a></li> <li class="toctree-l4"><a class="reference internal" href="../../reference/devices_gpu/">Type: <code class="docutils literal notranslate"><span class="pre">gpu</span></code></a></li> <li class="toctree-l4"><a class="reference internal" href="../../reference/devices_infiniband/">Type: <code class="docutils literal notranslate"><span class="pre">infiniband</span></code></a></li> <li class="toctree-l4"><a class="reference internal" href="../../reference/devices_proxy/">Type: <code class="docutils literal notranslate"><span class="pre">proxy</span></code></a></li> <li class="toctree-l4"><a class="reference internal" href="../../reference/devices_unix_hotplug/">Type: <code class="docutils literal notranslate"><span class="pre">unix-hotplug</span></code></a></li> <li class="toctree-l4"><a class="reference internal" href="../../reference/devices_tpm/">Type: <code class="docutils literal notranslate"><span class="pre">tpm</span></code></a></li> <li class="toctree-l4"><a class="reference internal" href="../../reference/devices_pci/">Type: <code class="docutils literal notranslate"><span class="pre">pci</span></code></a></li> </ul> </li> <li class="toctree-l3"><a class="reference internal" href="../../reference/instance_units/">Units for storage and network limits</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../reference/preseed_yaml_fields/">Preseed YAML file fields</a></li> <li class="toctree-l2"><a class="reference internal" href="../../reference/projects/">Project configuration</a></li> <li class="toctree-l2 has-children"><a class="reference internal" href="../../reference/storage_drivers/">Storage drivers</a><input class="toctree-checkbox" id="toctree-checkbox-17" name="toctree-checkbox-17" role="switch" type="checkbox"/><label for="toctree-checkbox-17"><div class="visually-hidden">Toggle navigation of Storage drivers</div><i class="icon"><svg><use href="#svg-arrow-right"></use></svg></i></label><ul> <li class="toctree-l3"><a class="reference internal" href="../../reference/storage_btrfs/">Btrfs - <code class="docutils literal notranslate"><span class="pre">btrfs</span></code></a></li> <li class="toctree-l3"><a class="reference internal" href="../../reference/storage_cephfs/">CephFS - <code class="docutils literal notranslate"><span class="pre">cephfs</span></code></a></li> <li class="toctree-l3"><a class="reference internal" href="../../reference/storage_cephobject/">Ceph Object - <code class="docutils literal notranslate"><span class="pre">cephobject</span></code></a></li> <li class="toctree-l3"><a class="reference internal" href="../../reference/storage_ceph/">Ceph RBD - <code class="docutils literal notranslate"><span class="pre">ceph</span></code></a></li> <li class="toctree-l3"><a class="reference internal" href="../../reference/storage_powerflex/">Dell PowerFlex - <code class="docutils literal notranslate"><span class="pre">powerflex</span></code></a></li> <li class="toctree-l3"><a class="reference internal" href="../../reference/storage_pure/">Pure Storage - <code class="docutils literal notranslate"><span class="pre">pure</span></code></a></li> <li class="toctree-l3"><a class="reference internal" href="../../reference/storage_dir/">Directory - <code class="docutils literal notranslate"><span class="pre">dir</span></code></a></li> <li class="toctree-l3"><a class="reference internal" href="../../reference/storage_lvm/">LVM - <code class="docutils literal notranslate"><span class="pre">lvm</span></code></a></li> <li class="toctree-l3"><a class="reference internal" href="../../reference/storage_zfs/">ZFS - <code class="docutils literal notranslate"><span class="pre">zfs</span></code></a></li> </ul> </li> <li class="toctree-l2 has-children"><a class="reference internal" href="../../reference/networks/">Networks</a><input class="toctree-checkbox" id="toctree-checkbox-18" name="toctree-checkbox-18" role="switch" type="checkbox"/><label for="toctree-checkbox-18"><div class="visually-hidden">Toggle navigation of Networks</div><i class="icon"><svg><use href="#svg-arrow-right"></use></svg></i></label><ul> <li class="toctree-l3"><a class="reference internal" href="../../reference/network_bridge/">Bridge network</a></li> <li class="toctree-l3"><a class="reference internal" href="../../reference/network_ovn/">OVN network</a></li> <li class="toctree-l3"><a class="reference internal" href="../../reference/network_macvlan/">Macvlan network</a></li> <li class="toctree-l3"><a class="reference internal" href="../../reference/network_physical/">Physical network</a></li> <li class="toctree-l3"><a class="reference internal" href="../../reference/network_sriov/">SR-IOV network</a></li> </ul> </li> <li class="toctree-l2"><a class="reference internal" href="../../reference/cluster_member_config/">Cluster configuration</a></li> <li class="toctree-l2"><a class="reference internal" href="../../reference/server_settings/">Production server settings</a></li> <li class="toctree-l2"><a class="reference internal" href="../../reference/provided_metrics/">Provided metrics</a></li> <li class="toctree-l2"><a class="reference internal" href="../../reference/permissions/">Permissions</a></li> <li class="toctree-l2 has-children"><a class="reference internal" href="../../restapi_landing/">REST API</a><input class="toctree-checkbox" id="toctree-checkbox-19" name="toctree-checkbox-19" role="switch" type="checkbox"/><label for="toctree-checkbox-19"><div class="visually-hidden">Toggle navigation of REST API</div><i class="icon"><svg><use href="#svg-arrow-right"></use></svg></i></label><ul> <li class="toctree-l3"><a class="reference internal" href="../../rest-api/">Main API documentation</a></li> <li class="toctree-l3"><a class="reference internal" href="../../api/">Main API specification</a></li> <li class="toctree-l3"><a class="reference internal" href="../../api-extensions/">Main API extensions</a></li> <li class="toctree-l3"><a class="reference internal" href="../../events/">Events API documentation</a></li> <li class="toctree-l3"><a class="reference internal" href="../../dev-lxd/">Instance API</a></li> </ul> </li> <li class="toctree-l2 has-children"><a class="reference internal" href="../../reference/manpages/">Man pages</a><input class="toctree-checkbox" id="toctree-checkbox-20" name="toctree-checkbox-20" role="switch" type="checkbox"/><label for="toctree-checkbox-20"><div class="visually-hidden">Toggle navigation of Man pages</div><i class="icon"><svg><use href="#svg-arrow-right"></use></svg></i></label><ul> <li class="toctree-l3"><a class="reference internal" href="../../reference/manpages/lxc/"><code class="docutils literal notranslate"><span class="pre">lxc</span></code></a></li> </ul> </li> <li class="toctree-l2 has-children"><a class="reference internal" href="../../internals/">Internals</a><input class="toctree-checkbox" id="toctree-checkbox-21" name="toctree-checkbox-21" role="switch" type="checkbox"/><label for="toctree-checkbox-21"><div class="visually-hidden">Toggle navigation of Internals</div><i class="icon"><svg><use href="#svg-arrow-right"></use></svg></i></label><ul> <li class="toctree-l3"><a class="reference internal" href="../../environment/">Environment variables</a></li> <li class="toctree-l3"><a class="reference internal" href="../../reference/uefi_variables/">UEFI variables for VMs</a></li> <li class="toctree-l3"><a class="reference internal" href="../../daemon-behavior/">Daemon behavior</a></li> <li class="toctree-l3"><a class="reference internal" href="../../syscall-interception/">System call interception</a></li> <li class="toctree-l3"><a class="reference internal" href="../../userns-idmap/">User namespace setup</a></li> <li class="toctree-l3"><a class="reference internal" href="../../reference/ovn-internals/">OVN implementation</a></li> <li class="toctree-l3"><a class="reference internal" href="../../reference/vm_live_migration_internals/">VM live migration implementation</a></li> </ul> </li> <li class="toctree-l2"><a class="reference external" href="https://github.com/canonical/lxd">Project repository</a></li> <li class="toctree-l2"><a class="reference external" href="https://images.lxd.canonical.com">Image server</a></li> </ul> </li> </ul> </div> </div> </div> </div> </aside> <div class="main"> <div class="content"> <div class="article-container"> <a href="#" class="back-to-top muted-link"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"> <path d="M13 20h-2V8l-5.5 5.5-1.42-1.42L12 4.16l7.92 7.92-1.42 1.42L13 8v12z"></path> </svg> <span>Back to top</span> </a> <div class="content-icon-container"> <div class="view-this-page"> <a class="muted-link" href="../../_sources/explanation/projects.md.txt" title="View this page"> <svg><use href="#svg-eye"></use></svg> <span class="visually-hidden">View this page</span> </a> </div> <div class="theme-toggle-container theme-toggle-content"> <button class="theme-toggle"> <div class="visually-hidden">Toggle Light / Dark / Auto color theme</div> <svg class="theme-icon-when-auto-light"><use href="#svg-sun-with-moon"></use></svg> <svg class="theme-icon-when-auto-dark"><use href="#svg-moon-with-sun"></use></svg> <svg class="theme-icon-when-dark"><use href="#svg-moon"></use></svg> <svg class="theme-icon-when-light"><use href="#svg-sun"></use></svg> </button> </div> <label class="toc-overlay-icon toc-content-icon" for="__toc"> <div class="visually-hidden">Toggle table of contents sidebar</div> <i class="icon"><svg><use href="#svg-toc"></use></svg></i> </label> </div> <article role="main" id="furo-main-content"> <section id="instances-grouping-with-projects"> <span id="exp-projects"></span><h1>Instances grouping with projects<a class="headerlink" href="#instances-grouping-with-projects" title="Link to this heading">¶</a></h1> <p class="youtube_link"> <a href="https://www.youtube.com/watch?v=cUHkgg6TovM" target="_blank"> <span title="Overview of LXD projects - YouTube" class="play_icon">▶</span> <span title="Overview of LXD projects - YouTube">Watch on YouTube</span> </a> </p><p>You can use projects to keep your LXD server clean by grouping related instances together. In addition to isolated instances, each project can also have specific images, profiles, networks, and storage.</p> <p>For example, projects can be useful in the following scenarios:</p> <ul> <li><p>You run a huge number of instances for different purposes, for example, for different customer projects. You want to keep these instances separate to make it easier to locate and maintain them, and you might want to reuse the same instance names in each customer project for consistency reasons. Each instance in a customer project should use the same base configuration (for example, networks and storage), but the configuration might differ between customer projects.</p> <p>In this case, you can create a LXD project for each customer project (thus each group of instances) and use different profiles, networks, and storage for each LXD project.</p> </li> <li><p>Your LXD server is shared between multiple users. Each user runs their own instances, and might want to configure their own profiles. You want to keep the user instances confined, so that each user can interact only with their own instances and cannot see the instances created by other users. In addition, you want to be able to limit resources for each user and make sure that the instances of different users cannot interfere with one another.</p> <p>In this case, you can set up a multi-user environment with confined projects.</p> </li> </ul> <p>LXD comes with a <code class="docutils literal notranslate"><span class="pre">default</span></code> project. See <a class="reference internal" href="../../howto/projects_create/#projects-create"><span class="std std-ref">How to create and configure projects</span></a> for instructions on how to add projects.</p> <section id="isolation-of-projects"> <span id="projects-isolation"></span><h2>Isolation of projects<a class="headerlink" href="#isolation-of-projects" title="Link to this heading">¶</a></h2> <p>Projects always encapsulate the instances they contain, which means that instances cannot be shared between projects and instance names can be duplicated in several projects. When you are in a specific project, you can see only the instances that belong to this project.</p> <p>Other entities (images, profiles, networks, and storage) can be either isolated in the project or inherited from the <code class="docutils literal notranslate"><span class="pre">default</span></code> project. To configure which entities are isolated, you enable or disable the respective <em>feature</em> in the project. If a feature is enabled, the corresponding entity is isolated in the project; if the feature is disabled, it is inherited from the <code class="docutils literal notranslate"><span class="pre">default</span></code> project.</p> <p>For example, if you enable <a class="configref reference internal" href="../../reference/projects/#project-features:features.networks"><code class="docutils literal notranslate"><span class="pre">features.networks</span></code></a> for a project, the project uses a separate set of networks and not the networks defined in the <code class="docutils literal notranslate"><span class="pre">default</span></code> project. If you disable <a class="configref reference internal" href="../../reference/projects/#project-features:features.images"><code class="docutils literal notranslate"><span class="pre">features.images</span></code></a>, the project has access to the images defined in the <code class="docutils literal notranslate"><span class="pre">default</span></code> project, and any images you add while you’re using the project are also added to the <code class="docutils literal notranslate"><span class="pre">default</span></code> project.</p> <p>See the list of available <a class="reference internal" href="../../reference/projects/#project-features"><span class="std std-ref">Project features</span></a> for information about which features are enabled or disabled when you create a project.</p> <div class="admonition note"> <p class="admonition-title">Note</p> <p>You must select the features that you want to enable before starting to use a new project. When a project contains instances, the features are locked. To edit them, you must remove all instances first.</p> <p>New features that are added in an upgrade are disabled for existing projects.</p> </div> <div class="admonition important"> <p class="admonition-title">Important</p> <p>In a multi-tenant environment, unless using <a class="reference internal" href="../authorization/#fine-grained-authorization"><span class="std std-ref">Fine-grained authorization</span></a>, all projects should have all features enabled. Otherwise, clients with <a class="reference internal" href="../authorization/#restricted-tls-certs"><span class="std std-ref">Restricted TLS certificates</span></a> are able to create, edit, and delete resources in the default project. This might affect other tenants.</p> <p>For example, if project “foo” is created and <code class="docutils literal notranslate"><span class="pre">features.networks</span></code> is not set to true, then a restricted client certificate with access to “foo” can view, edit, and delete networks in the default project.</p> <p>Conversely, if a client’s permissions are managed via <a class="reference internal" href="../authorization/#fine-grained-authorization"><span class="std std-ref">Fine-grained authorization</span></a>, resources may be inherited from the default project but access to those resources is not automatically granted.</p> </div> </section> <section id="confined-projects-in-a-multi-user-environment"> <span id="projects-confined"></span><h2>Confined projects in a multi-user environment<a class="headerlink" href="#confined-projects-in-a-multi-user-environment" title="Link to this heading">¶</a></h2> <p>If your LXD server is used by multiple users (for example, in a lab environment), you can use projects to confine the activities of each user. This method isolates the instances and other entities (depending on the feature configuration), as described in <a class="reference internal" href="#projects-isolation"><span class="std std-ref">Isolation of projects</span></a>. It also confines users to their own user space and prevents them from gaining access to other users’ instances or data. Any changes that affect the LXD server and its configuration, for example, adding or removing storage, are not permitted.</p> <p>In addition, this method allows users to work with LXD without being a member of the <code class="docutils literal notranslate"><span class="pre">lxd</span></code> group (see <a class="reference internal" href="../security/#security-daemon-access"><span class="std std-ref">Access to the LXD daemon</span></a>). Members of the <code class="docutils literal notranslate"><span class="pre">lxd</span></code> group have full access to LXD, including permission to attach file system paths and tweak the security features of an instance, which makes it possible to gain root access to the host system. Using confined projects limits what users can do in LXD, but it also prevents users from gaining root access.</p> <p>When LXD is accessible over the HTTPS API, both <a class="reference internal" href="../../authentication/#authentication-tls-certs"><span class="std std-ref">TLS client certificates</span></a> and <a class="reference internal" href="../../authentication/#authentication-openid"><span class="std std-ref">OIDC clients</span></a> can be restricted to allow access to specific projects only. This is managed via <a class="reference internal" href="../authorization/#fine-grained-authorization"><span class="std std-ref">Fine-grained authorization</span></a>. See <a class="reference internal" href="../../howto/projects_confine/#projects-confine-https"><span class="std std-ref">Confine users to specific projects on the HTTPS API</span></a> for instructions.</p> <section id="multi-user-lxd-daemon"> <h3>Multi-user LXD daemon<a class="headerlink" href="#multi-user-lxd-daemon" title="Link to this heading">¶</a></h3> <p>The LXD snap contains a multi-user LXD daemon that allows dynamic project creation on a per-user basis. You can configure a specific user group other than the <code class="docutils literal notranslate"><span class="pre">lxd</span></code> group to give restricted LXD access to every user in the group.</p> <p>When a user that is a member of this group starts using LXD, the multi-user daemon automatically creates a confined project for this user.</p> <p>If you’re not using the snap, you can still use this feature if your distribution supports it.</p> <p>See <a class="reference internal" href="../../howto/projects_confine/#projects-confine-users"><span class="std std-ref">Confine users to specific LXD projects via Unix socket</span></a> for instructions on configuring the multi-user daemon.</p> </section> </section> <section id="related-topics"> <h2>Related topics<a class="headerlink" href="#related-topics" title="Link to this heading">¶</a></h2> <p>How-to guides:</p> <ul class="simple"> <li><p><a class="reference internal" href="../../projects/#projects"><span class="std std-ref">Projects</span></a></p></li> </ul> <p>Reference:</p> <ul class="simple"> <li><p><a class="reference internal" href="../../reference/projects/#ref-projects"><span class="std std-ref">Project configuration</span></a></p></li> </ul> </section> </section> </article> </div> <footer> <div class="related-pages"> <a class="next-page" href="../clusters/"> <div class="page-info"> <div class="context"> <span>Next</span> </div> <div class="title">Clusters</div> </div> <svg class="furo-related-icon"><use href="#svg-arrow-right"></use></svg> </a> <a class="prev-page" href="../authorization/"> <svg class="furo-related-icon"><use href="#svg-arrow-right"></use></svg> <div class="page-info"> <div class="context"> <span>Previous</span> </div> <div class="title">Remote API authorization</div> </div> </a> </div> <div class="bottom-of-page"> <div class="left-details"> <div class="copyright"> Copyright © 2014-2025 LXD contributors </div> <div class="last-updated"> Last updated on Sep 08, 2025</div> <div class="show-source"> <a class="muted-link" href="../../_sources/explanation/projects.md.txt" rel="nofollow">Show source</a> </div> </div> <div> <a class="display-contributors">Thanks to the 4 contributors!</a> <div id="overlay"></div> <ul class="all-contributors"> <li> <a href="https://github.com/canonical/lxd/commit/73c5e60f21e7b92231d4a505b1b1ead84af999eb" class="contributor">Gabriel Mougard</a> </li> <li> <a href="https://github.com/canonical/lxd/commit/1e584bbb16c1d4d5627a38bca7fd2be7d4742ec0" class="contributor">Mark Laing</a> </li> <li> <a href="https://github.com/canonical/lxd/commit/6052009419be203ba96f062154deafe8a4590887" class="contributor">Minae Lee</a> </li> <li> <a href="https://github.com/canonical/lxd/commit/12cb0e8a15c887ca941d848ca698ebe7eb20e7b6" class="contributor">Ruth Fuchss</a> </li> </ul> </div> <div class="right-details"> <div class="ask-discourse"> <a class="muted-link" href="https://discourse.ubuntu.com/c/lxd/">Ask a question on Discourse</a> </div> <div class="ask-matrix"> <a class="muted-link" href="https://matrix.to/#/#documentation:ubuntu.com">Ask a question on Matrix</a> </div> <div class="issue-github"> <a class="muted-link" href="https://github.com/canonical/lxd/issues/new?title=doc%3A+ADD+A+TITLE&body=DESCRIBE+THE+ISSUE%0A%0A---%0ADocument: explanation/projects.md">Open a GitHub issue for this page</a> </div> <div class="edit-github"> <a class="muted-link" href="https://github.com/canonical/lxd/edit/main/doc/explanation/projects.md">Edit this page on GitHub</a> </div> </div> </div> </div> </footer> </div> <aside class="toc-drawer"> <div class="toc-sticky toc-scroll"> <div class="toc-title-container"> <span class="toc-title"> Contents </span> </div> <div class="toc-tree-container"> <div class="toc-tree"> <ul> <li><a class="reference internal" href="#">Instances grouping with projects</a><ul> <li><a class="reference internal" href="#isolation-of-projects">Isolation of projects</a></li> <li><a class="reference internal" href="#confined-projects-in-a-multi-user-environment">Confined projects in a multi-user environment</a><ul> <li><a class="reference internal" href="#multi-user-lxd-daemon">Multi-user LXD daemon</a></li> </ul> </li> <li><a class="reference internal" href="#related-topics">Related topics</a></li> </ul> </li> </ul> </div> </div> </div> </aside> </div> </div><script src="../../_static/jquery.js?v=5d32c60e"></script> <script src="../../_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script> <script src="../../_static/documentation_options.js?v=187304be"></script> <script src="../../_static/doctools.js?v=9bcbadda"></script> <script src="../../_static/sphinx_highlight.js?v=dc90522c"></script> <script src="../../_static/scripts/furo.js?v=46bd48cc"></script> <script src="../../_static/clipboard.min.js?v=a7894cd8"></script> <script src="../../_static/copybutton.js?v=f281be69"></script> <script src="../../_static/config-options.js"></script> <script src="../../_static/design-tabs.js?v=f930bc37"></script> <script src="../../_static/header-nav.js?v=e117ad08"></script> <script src="../../_static/footer.js?v=5acea47a"></script> <script src="../../_static/github_issue_links.js?v=32bb732f"></script> <script src="../../_static/js/bundle.js?v=a4d88309"></script> <script> const github_url = "https://github.com/canonical/lxd"; </script> </body> </html>
Copyright ©2k19 -
Hexid
|
Tex7ure