Xen Orchestra 4.5
XO 4.5 is out, 2 weeks after 4.4: we're back to our high release rate! And it doesn't mean we made only few things. Check the changelog: it's not bad at all ;)
Hide non-authorized controls
This was a very popular request: if a user does NOT have the right to do an action (e.g: Remove the VM), we should hide this button in the interface.
Despite that's seems trivial, it is not: because xo-server
centralize all the permissions, xo-web
can't guess if it's authorized before sending the request.
Two solutions:
- re-write the ACLs in the
xo-web
side: it will duplicate the rules and leads to bugs in the long run - write a lib centralizing the ACLs, accessible from both
xo-server
andxo-web
.
For this release, we choose to hide quickly what's really needed in the first place (in the VM view). But as soon the external ACLs lib is out, we'll switch to the better solution. It will be totally transparent on your side.
Before, for a "Viewer" only, you can see everything, even if you don't have the right to really make the action (like "Stop"):
After, for the same user:
We also hide where the VM is running if the user hasn't any right on the host/pool.
For sure, we'll make a UI review to have a nicer UI when we hide buttons (planned for the 4.6 in 15 days).
ACLs on networks
You can now authorize users to see networks to create VIFs in their VMs:
Plus, if you don't give any permission on the network, a user can't view any of your network in its own VM:
Faster consoles
We no longer use the ws-proxy
piece of code existing in XenServer, but we are connecting directly to the console in RAW HTTP. Results: consoles are displayed faster:
You can read this blog post for more details.
GitHub sign-on
After a generic SSO SAML provider available in 4.4, it's time to allow people with a GitHub account to access Xen Orchestra. This is great for our admins delegating VMs to their developers (or a contractor), without creating a account somewhere else.
You just have to create an app in GitHub and provide the credentials given there. Then modify the configuration of xo-server
:
plugins:
auth-github:
clientID: xxxxxxxxxxxxxxxx
clientSecret: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Parallel coordinates graph
This kind of graph is useful to discriminate what is the "main" type of VM in your infrastructure from your "special" VMs (i.e: VMs with a configuration very different from others). But also filter to find a specific set of VMs.
Example:
You can learn more about it in a previous post.
Heatmap improvements
You can use consolidated values for CPUs in your host or VM (note the "All CPUs" in the 2nd select field):
Or you can aggregate hosts or VMs for a better global view. You want to see all network upload for a specific set of VM? Piece of cake:
Consolidated valued for 3 VMs
In this video, consolidated heatmap for all my hosts in two clicks:
Neat eh?
VM scheduled exports only with meta data
Want to export a VM without its disks? (only the configuration). It's now possible. Just select this checkbox:
Download
- Already a XOA user? Just use the updater for a smooth experience, and start to use 4.5 right now! Don't forget to refresh your browser after the update.
- Or download it in your member zone and make the update :)
What's next
The 4.6 milestone is almost established, with:
- XO plugin configuration in the web interface (configure SSO, LDAP and other plugin directly in the web interface, avoiding the "YAML nightmare" effect)
- XenServer tags management
- Google as an external login provider
- A page to change its own password (for non-SSO users)
- Auto ACL hierarchy and better UI
- A brand new (and very nice) new visualization :)
- First draft of the VM creation self service (for beta tests only)
All of this in the next 15 days!