Xen Orchestra 5.94

We've packed this update with awesome new features and key improvements aimed at simplifying your workflow. XOSTOR is a major highlight, but that's not all. If you're transitioning from VMware, you’ll appreciate our even better V2V (VMware to Vates) tool.

Take a look into these updates and other exciting additions that make managing your virtual environments more intuitive than ever!

👨‍🚀 Project & Community

Another "interesting" month with even more projects that are yielding interesting results!

The VMware exodus isn't slowing down

It’s been another eventful month, packed with progress across multiple projects! The trend of users migrating from VMware to our XCP-ng & Xen Orchestra, the Vates Stack, continues to grow. To support this influx, we've updated our V2V guide with further improvements, check out the enhanced details later in this article:

Migrate from VMware to XCP-ng

Vmware v6 is now end of life, the right time to migrate to an open source, less expensive and constantly evolving solution: XCP-ng.

XCP-ng BlogOlivier Lambert

Additionally, we've expanded our XCP-ng documentation to include more alternative migration paths for VMware users:

Migrate to XCP-ng | XCP-ng Documentation

How to migrate from VMware, KVM, etc. to XCP-ng.

XCP-ng Documentation

XCP-ng R&D: full throttle ahead

Our commitment to research and development is stronger than ever, as we invest significant resources into the future of virtualization. We're in it for the long haul, dedicated to pushing the boundaries of technology.

Don't miss our two blog posts exploring new possibilities for running Xen on ARM architectures and also the related work on enhanced device management in Xen with IOMMU paravirtualization:

Integrating Xen on the Ampere Platform: a first look

Here’s our initial update on integrating Xen into an Ampere-based platform.

XCP-ng BlogOleksii Kurochko

IOMMU paravirtualization for Xen

A technical article describing our current work on IOMMU PV for Xen.

XCP-ng BlogTeddy Astie

Future storage stack updates

Exciting progress on SMAPIv3! We’ve developed our first "usable" local driver utilizing ZFS. For more details on this significant advancement, check out the full blog post:

First SMAPIv3 driver is available in preview

Learn more and test our first SMAPIv3 preview driver, using ZFS.

XCP-ng BlogOlivier Lambert

XCP-ng Security Update

Don’t forget to keep your XCP-ng hosts up-to-date! For the latest updates on security measures, take a look at our recent security bulletin:

April 2024 Security Update

Security update for Xen latest XSAs.

XCP-ng BlogDavid Morel

Let's talk about our new XO release now! As usual, the full change log is available on this link.

💠 XOSTOR

We're thrilled to officially introduce XOSTOR, our new hyperconverged storage system developed in partnership with LINBIT. This collaboration represents a significant milestone in our mission to provide a fully integrated solution for any virtualized environments.

Take off with XOSTOR

XOSTOR is the latest addition to Vates VMS and brings the power of hyperconvergence to your infrastructure. With XOSTOR, users can efficiently consolidate their server local storage spaces, creating a robust Virtual SAN that enhances data accessibility and resource management.

Xen Orchestra BlogChristopher Weatherwax

But that's not all: alongside the official launch, we've also made substantial improvements to the user interface. Now, you can easily configure XOSTOR to suit your specific needs, whether it involves multiple disks, diskless nodes, or other configurations. Additionally, we've enhanced visibility into the network setup for replication, ensuring a seamless experience for managing your storage infrastructure.

Select networks/interfaces

With this update, you can now specify which network interface XOSTOR will use to replicate blocks. This allows for greater flexibility in optimizing network traffic and ensuring efficient data replication across your infrastructure:

LINSTOR health check

Now, you can access information about your LINSTOR cluster directly from the XO UI. Simply navigate to the XOSTOR tab within the SR view to gain insights into the health of your LINSTOR setup:

As always, we value your feedback. If you encounter any issues or have suggestions for improvement, please don't hesitate to share them with us on our forums, in the dedicated section:

XOSTOR

XCP-ng community forum

XCP-ng

💾 Backup

We’ve made several minor improvements this month, focusing mainly on bug fixes. Additionally, we’ve enhanced the automated backup health-check experience.

Health-check timeout configuration

Now, you can configure the health-check timeout to suit your needs. By default, it's set to 10 minutes, but for VMs that take longer to boot—especially when using advanced health checks like application-specific validations—you can adjust this timeout.

Modify the timeout setting in your config.toml file under the [backups] section:

healthCheckTimeout = '10 minutes'

📡 REST API

We're excited to introduce new endpoints to our REST API, making it even easier to track live events!

Expose audit log records

Access detailed audit logs through the new endpoint /rest/v0/plugins/audit/records, ensuring all activities are securely recorded and tamper-proof.

By the way, let's use this example to call the REST API with something else than curl and discover that it could be done with xo-cli rest get:

$ xo-cli rest get 'plugins/audit/records' limit=2
[
  'plugins/audit/records/$5$$cbd3e34d6882728a1fc8ebb9bb6f9fa5dd30710eb420648b75f1315df7326a18',
  'plugins/audit/records/$5$$80db6f58739f4dd65596a0b0135627ee9caef919831b14d4e5ddecf369e3311e'
]

$ xo-cli rest get 'plugins/audit/records/$5$$6456cfdba8baa14f740110933766e56741c5e0d06cebe3e7f19697a336c71939'
{
  data: {
    callId: '5xcm7ixbosr',
    duration: 41799,
    method: 'proxy.upgradeAppliance',
    params: { id: '73382711-6072-42f5-b805-afbcb74269db' },
    result: true,
    timestamp: 1714298152094
  },
  event: 'apiCall',
  id: '$5$$6456cfdba8baa14f740110933766e56741c5e0d06cebe3e7f19697a336c71939',
  previousId: '$5$$80db6f58739f4dd65596a0b0135627ee9caef919831b14d4e5ddecf369e3311e',
  subject: {
    userId: 'eb9bdc88-99bc-422a-a453-57623271f273',
    userIp: '::ffff:10.200.200.10',
    userName: 'julien.fontanet'
  },
  time: 1714298152094
}

Implement watchmode for tasks collection

The watch mode in the REST API is particularly useful because it enables real-time monitoring of system activities directly from your terminal or application interface. When you enable watch mode on the tasks collection endpoint, it dynamically streams updates about tasks as they happen. This means you can immediately see when a task is added, updated, or removed without needing to manually refresh or poll the server for updates.

The new endpoint /rest/v0/tasks?ndjson&watch will display a flow of events in live, for example:

["remove",{"id":"0lv13orww","href":"/rest/v0/tasks/0lv13orww"}]
["update",{"id":"0lv13otzz","properties":{"method":"acl.getCurrentPermissions","params":{},"name":"API call: acl.getCurrentPermissions","userId":"287d34e8-e5ca-48b3-bf32-8499fa167211","type":"api.call"},"start":1713194362080,"status":"pending","updatedAt":1713194362080,"href":"/rest/v0/tasks/0lv13otzz"}]

Yes, you can now start a curl or xo-cli rest get and see the tasks being displayed and tracked dynamically in your terminal!

🐦 VMware to Vates (V2V)

It’s been nearly two years since the debut of our V2V tool, and it keeps getting better. Driven by a surge of VMware users with diverse configurations, we’ve been continuously refining our approach. Notably, Xen Orchestra transfers data directly through vCenter or ESXi's API without needing direct storage access, making it robust and versatile.

Thanks to extensive feedback from our vibrant community and customers, we've enhanced our V2V tool significantly:

• Bypassing the XO HTTP Proxy: we've refined the V2V tool to access internal resources directly, bypassing the XO HTTP proxy which is not suited for internal data flows.
• Multi-datacenter Support: with the latest updates, you can connect to a centralized vCenter to manage and migrate resources across multiple data centers seamlessly.
• Enhanced VM Metadata Parsing: we've improved our ability to interpret and utilize a broader array of VM metadata options found in the .vmx file, expanding compatibility and simplifying migrations for diverse environments.

And that's not it… We now finally support… 🥁

vSAN datastore migration

We've successfully integrated support for another VMware storage type: vSAN, which utilizes a distinct format compared to VMFS versions 5 and 6. Migrating VMs from a vSAN datastore was a complex challenge, primarily because vSAN does not allow direct access to underlying VMDK files.

Nevertheless, we've developed a method that enables effective migration of your VMs to XCP-ng, though it requires shutting down the VM first, and the process isn't the fastest. But it works!

Interestingly, this update coincides with the availability of XOSTOR, allowing for a seamless transition from vSAN to XOSTOR storage solutions.

🚀 XCP-ng 8.3 features

As we approach the release of XCP-ng 8.3, our focus is to ensure that Xen Orchestra is fully compatible from day one.

PCI passthrough

A key feature in development is PCI passthrough via the API, aimed at simplifying its implementation directly through the XO UI. This feature required extensive groundwork, including the development of a new API structure in close collaboration with the XAPI project. You can track Benjamin’s contributions and our joint efforts here:

PCI passthrough API by benjamreis · Pull Request #5542 · xapi-project/xen-api

As discussed here: xapi-project/xapi-project.github.io#286 New methods: PCI.disable_dom0_access: Hide a PCI from dom0 kernel PCI.enable_dom0_access: Unhide a PCI from dom0 kernel PCI.get_dom0_acce…

GitHubxapi-project

And we already packaged the update:

PCI passthrough API in XAPI by benjamreis · Pull Request #62 · xcp-ng-rpms/xapi

See: xapi-project/xen-api#5542

GitHubxcp-ng-rpms

Although it’s not fully integrated into 8.3 yet, we’ve taken the initiative to merge our progress into XO UI in anticipation. This early integration means there may be initial hiccups, but we're preparing for a seamless experience in the upcoming updates. Stay tuned for the official package release!

List the PCI devices available on the host

In the host view, Xen Orchestra now displays a list of all PCI devices available on your host. An "Enabled" row indicates that the devices are hidden from Dom0 and are available for passthrough to any VM.

Attach a PCI device to a VM

A new button in the Advanced View of your VM allows for the selection and attachment of available PCI devices to the VM. This interface also displays currently attached devices, providing immediate utility regardless of your XCP-ng version:

🔭 XO 6 & XO Lite

We're excited to share updates on our new user interface, leveraging the unified components from both XO Lite and XO 6. For a closer look at our sleek, redesigned components, remember to check out our public Figma showcase.

New components implemented

We've implemented innovative icon components that enhance information delivery through a single icon, simplifying the interface while enriching user interactions. Similar advancements have been made with "object" icon components, designed to intuitively represent VM, SR, or network states:

XO 6 general layout

The introduction of the new "base" layout marks a significant advancement, featuring a CoreLayout component with a structured interface including a header, resizable sidebar, content header, main content, and a right panel.

This layout is ready for internationalization, keyboard shortcuts, and smarter REST API connectivity.

We're gearing up to unveil a preview of XO 6 next month via a dedicated /v6 endpoint, incorporating adaptive design elements for varying screen sizes and detailed improvements for a more efficient and dynamic user experience.

XO 6 Treeview

The first treeview for XO 6 is also finished, and can be now integrated in the previous layout:

We are really eager to make this visible next month!

XO Lite 0.2.2

If we’ve completed the first treeview for XO 6, and it’s now seamlessly integrated into our new layout. This development enhances navigation and organization, making it easier to manage and access various components. For XO Lite, this tree view is also now exactly like the Figma template:

We are thrilled to showcase this feature next month, bringing a more intuitive and streamlined experience to XO 6!

Release xo-lite-v0.2.2 · vatesfr/xen-orchestra

The global orchestration solution to manage and backup XCP-ng and XenServer. - Release xo-lite-v0.2.2 · vatesfr/xen-orchestra

GitHubvatesfr

🆕 Misc

In addition to the standout features of this release, we've also rolled out several smaller but equally valuable updates. These enhancements, though minor, are designed to improve user experience and system functionality, demonstrating our commitment to continuous improvement across all aspects of our platform.

RPU & RPR task tracking

We've expanded the use of XO tasks to include long, asynchronous, or complex operations, such as Rolling Pool Update (RPU) and Rolling Pool Reboot (RPR). These operations are now fully tracked, providing detailed insights into each stage of the process, from evacuating a host to applying updates.

This enhancement ensures greater transparency and allows users to monitor the progress of each sub-task more effectively.

Enhanced Secure Boot feedback

When creating a VM, we've added a new feature to enhance security awareness: if secure boot is enabled but the pool is not set up to support it, a clear message will now be displayed. This ensures that users are fully aware and not misled into believing their VM is protected by secure boot when it is not. This update enhances security transparency and user understanding of VM setup requirements.

Japanese translation

This addition reflects our commitment to inclusivity and accessibility, ensuring that our platform can be enjoyed by a broader global audience.

Whether you're a native Japanese speaker or simply prefer to navigate in Japanese, you can now experience Xen Orchestra with ease, thanks to this new translation.

A big thanks to Taki Yasushi for his work!