Xen Orchestra 5.101

Discover the highlights of Xen Orchestra 5.101, from GFS retention and vTPM restore to enhanced UI features, CloudBase Init support, and more community-driven updates!

Welcome to the November 2024 release! As we near the end of 2024, this month’s release is the second-to-last update of the year, and there’s plenty to talk about. From updates across our ecosystem and community to exciting new features in Xen Orchestra, we’ve got a mix of highlights and improvements to share.

In this release, we’ve added GFS retention policies for backups, support for vTPM restores, and an improved health check to keep your infrastructure running smoothly.

We’ve also continued refining the new UI, bringing in new features and making dozens of tweaks to improve usability. Let’s take a closer look at what’s new in 5.101!

👨‍🚀 Project & Community

It’s hard to believe it’s been just a month since our last release, considering the sheer amount of news and activity in our community and ecosystem. From updates on projects to exciting developments across the board, there’s been no shortage of momentum.

If you’re here just for the details on the latest Xen Orchestra release, feel free to scroll down to dive straight into what’s new in 5.101. Otherwise, stick around to catch up on the bigger picture!

Making Rust a first-class citizen for Xen

At Vates, we’re not just building open-source software: we’re driving innovation and fostering collaboration. As part of our efforts, we’re working with the Xen Project community to make Rust a first-class citizen within the ecosystem.

Rust’s focus on safety, performance, and modern development practices aligns perfectly with the future of Xen. By advocating for and contributing to this transition, we aim to unlock new possibilities and bring long-term benefits to the entire community. You can read more about this initiative in our latest XCP-ng blog post:

Making Rust a first-class citizen for Xen
Discover our work at Vates to make Rust a first-class language in the Xen Project.

XCP-ng 8.2 & 8.3 security updates

With two supported releases for XCP-ng now available—8.2 LTS and 8.3—we’re continuing to deliver security updates and bug fixes for both on a steady monthly schedule.

Managing updates for twice the number of packages is no small feat, so kudos to our XCP-ng team for keeping everything on track while maintaining the high standards our users expect!

November 2024 Security Update for XCP-ng 8.3
Security updates for Xen and Intel microcodes for XCP-ng 8.3.
November 2024 Security and Maintenance Update for XCP-ng 8.2 LTS
New bugfix, security (Xen, Intel microcode) and enhancement updates are available for XCP-ng 8.2 LTS (XAPI, blktap, sm, ...)

Our growing ecosystem

There’s been a lot happening on this front! Not only are partners—integrators and service providers—actively selling our virtualization stack, but they now have even more tools and opportunities thanks to our updated partner portal:

Vates Partner Insights #2: Expanding horizons for our partners
Explore the latest updates exclusively for our partners, including enhanced Partner Portal features, expanded training opportunities, and key milestones from 2024.

On top of that, our technological partners are using our platform as a core component of their offerings, whether for hosting services or even public cloud solutions (stay tuned for more updates soon!). Check this recent example with Exodata:

Exodata and Vates form strategic partnership to deliver a robust sovereign cloud solution with global support
Vates and Exodata announce a strategic partnership to deliver a robust, sovereign, and French-based cloud solution. This collaboration combines Vates’ virtualization expertise with Exodata’s cloud and cybersecurity services, featuring a 100% French virtualization stack and 24/7 global support.

Red Hat certification

This is yet another sign of our growing presence in the IT world. We’re now officially certified for Red Hat, meaning that while Red Hat distributions have always worked well on XCP-ng, they’re now tested and validated by Red Hat itself!

You can read more about this certification on https://catalog.redhat.com/hardware/system/detail/260327

Many new open positions

We’re growing fast! Just two years ago, when Broadcom announced its acquisition of VMware, Vates was a team of about 20 people. Today, we’re approaching 70 and are on track to hit 100 next year.

With this growth comes many new opportunities: we’ve opened several positions to expand our team. To be honest, the volume of applications has been incredible, and we’re doing our best to respond to everyone. If it takes us a little time, we appreciate your patience. Rest assured, we’re carefully considering all candidates.

You can check out the list of open positions on our website:

Careers at Vates

An expanding community

Our growth isn’t just commercial: it’s also happening on the community side, which is now bigger than ever and continues to expand rapidly. In my opinion, this is the secret sauce for success in Open Source: revenue and community. One without the other doesn’t work, neither for end users nor for the company driving the projects.

Just take a look at these recent numbers from our community forums:

Xen Winter Meetup: last tickets!

If you’re a system developer interested in Xen (or already part of the Xen developer community) don’t miss the next Xen event we’re hosting in Grenoble!

Tickets are running out, so act fast if you want to join. You’ll find all the details on the event website:

Xen Project Winter Meetup - Grenoble

And now, let's talk about this 5.101 release!

💾 Backup

Many stability and robustness improvements, along with some cool new features.

Long-term backup retention with GFS Strategy

Managing backups is key to keeping your virtual infrastructure running smoothly. To help with long-term data retention, we've added an option in Xen Orchestra to configure Grandfather-Father-Son (GFS) backup retention strategies.

You'll find this new feature in the Scheduling section, where administrators can easily set how many backups to keep for different periods of time:

  • Daily backups
  • Weekly backups
  • Monthly backups
  • Yearly backups

The most recent backup for each interval (daily, weekly, monthly, and yearly) is retained. Only intervals that have at least one backup are considered for retention, and older backups in those intervals will be deleted to make room for the newer ones.

⚠️
Do not try this feature out on critical backups. There is a potential risk of accidentally deleting more backups than intended, especially if you're unfamiliar with the retention settings. We recommend testing on less critical backups first to understand the impact. If you notice any strange behavior or issues with the feature, please reach out to Vates support for assistance.

These settings apply only to backup schedules, not to rolling snapshots or replication jobs. By customizing these options, you can ensure that your backup retention meets your organization's needs.

This approach is similar to tools like Restic and Borg, and is designed to handle situations where older backups are deleted. GFS also works independently of the base/delta backup policy, making it adaptable to different scheduling needs.
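
The retention rule described above, as an added JavaScript example that is not Xen Orchestra's own code: a dry-run planner that keeps the newest backup per interval, in the style of the Restic-like tools mentioned, and lists what would be deleted. The UTC bucketing, ISO week numbering, policy field names, the refusal to plan a total wipe, and the sample timestamps are assumptions made for the example.

```javascript
// Added example: dry-run planner for GFS-style retention (not Xen Orchestra's code).
// Assumptions: UTC calendar buckets, ISO 8601 weeks, counts named daily/weekly/monthly/yearly.
const pad = n => String(n).padStart(2, '0')
const dayKey = d => `${d.getUTCFullYear()}-${pad(d.getUTCMonth() + 1)}-${pad(d.getUTCDate())}`
const monthKey = d => `${d.getUTCFullYear()}-${pad(d.getUTCMonth() + 1)}`
const yearKey = d => String(d.getUTCFullYear())

// ISO 8601 week: a week belongs to the year that contains its Thursday.
function weekKey(d) {
  const t = new Date(Date.UTC(d.getUTCFullYear(), d.getUTCMonth(), d.getUTCDate()))
  const dow = t.getUTCDay() || 7 // Monday = 1 ... Sunday = 7
  t.setUTCDate(t.getUTCDate() + 4 - dow) // jump to that week's Thursday
  const yearStart = Date.UTC(t.getUTCFullYear(), 0, 1)
  const week = Math.ceil(((t.getTime() - yearStart) / 86400000 + 1) / 7)
  return `${t.getUTCFullYear()}-W${pad(week)}`
}

const RULES = [['daily', dayKey], ['weekly', weekKey], ['monthly', monthKey], ['yearly', yearKey]]

// Returns which backups a policy keeps (and why) and which it would delete.
function planRetention(timestamps, policy) {
  const sorted = [...timestamps].sort((a, b) => Date.parse(b) - Date.parse(a)) // newest first
  const reasons = new Map()
  for (const [name, keyOf] of RULES) {
    const limit = policy[name] || 0
    const seen = new Set() // intervals already represented by a newer backup
    for (const ts of sorted) {
      if (seen.size >= limit) break
      const key = keyOf(new Date(ts))
      if (seen.has(key)) continue
      seen.add(key) // only intervals that contain a backup use up a slot
      reasons.set(ts, [...(reasons.get(ts) || []), name])
    }
  }
  const keep = sorted.filter(ts => reasons.has(ts))
  const remove = sorted.filter(ts => !reasons.has(ts))
  // Guard against a policy that would wipe the whole chain.
  if (sorted.length > 0 && keep.length === 0) {
    throw new Error('retention policy keeps no backup at all, refusing to plan deletions')
  }
  return { keep, remove, reasons }
}

// Constructed sample: timestamps of one VM's backups (not real data).
const SAMPLE = [
  '2024-11-20T02:00:00Z', '2024-11-19T14:00:00Z', '2024-11-19T02:00:00Z',
  '2024-11-18T02:00:00Z', '2024-11-15T02:00:00Z', '2024-11-10T02:00:00Z',
  '2024-10-31T02:00:00Z', '2024-09-30T02:00:00Z', '2023-12-31T02:00:00Z',
]
const plan = planRetention(SAMPLE, { daily: 3, weekly: 2, monthly: 2, yearly: 2 })
for (const ts of plan.keep) console.log('keep  ', ts, plan.reasons.get(ts).join('+'))
for (const ts of plan.remove) console.log('delete', ts)
```

Running a plan like this against a copy of a backup listing before enabling a retention policy shows exactly which restore points would disappear.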

Support for vTPM backup and restore

We've made it easier to back up and restore the contents of virtual Trusted Platform Modules (vTPMs). This enhancement automatically includes sensitive data (such as encryption keys) in backups, ensuring that nothing critical is left behind.

This update adds an extra layer of protection for environments that rely on advanced security, making restores smoother and safer when working with encrypted or secure workloads.

💡
A note on security
The data stored in vTPMs, such as encryption keys, is particularly critical. It's important to secure backups, especially using encryption in Xen Orchestra, to protect this sensitive information from unauthorized access.

Better backup health checks

We’ve made improvements to backup health checks to resolve an issue where restores could occasionally remain stuck in an idle state during the process.

The health check now uses PV_drivers_detected instead of PV_drivers_version.major to confirm whether a VM has booted properly. This adjustment enhances reliability, particularly for PVH VM types or cases where VMs had trouble reporting the driver version.

Smoother backups with sequential host connections

Sometimes, backups can fail because a virtual disk (VDI) is still in use by a host, causing errors like VDI_IN_USE. To solve this, Xen Orchestra now connects to hosts one at a time during backups.

This change reduces conflicts and makes the backup process more reliable, even for busy environments. It’s a small but important tweak to ensure your backups run without a hitch.

🦾 Hardware integration

We’re making steady progress on hardware integration with our technological hardware vendors, almost on a monthly basis. It’s not just about fixing bugs (though we did resolve an issue with Lenovo servers and fans running at full speed), it’s also about enhancing the experience by providing more detailed hardware information directly in Xen Orchestra.

BIOS update checks for 2CRSi servers

Keeping your hardware up to date just got easier! Xen Orchestra now automatically checks the BIOS version of your 2CRSi hosts against the latest version available in the 2CRSi repository.

If an update is available, you’ll see the latest version displayed, along with a direct link to download it, right in the host’s general tab.

💡
To take advantage of this improvement, make sure Xen Orchestra has access to the 2CRSi domain.

🥝 Core UI

As development on both XO 6 and XO Lite continues, the lines between the two projects are becoming increasingly blurred, especially when it comes to the core components of their user interfaces. Many of these components are now shared, making it almost impossible to separate the two in terms of development.

To reflect this growing overlap, we’ve introduced a new section called "Core UI", which encompasses shared features and improvements that apply to both XO 6 and XO Lite. This unified approach allows us to deliver a more consistent experience across both projects while streamlining development efforts.

Improved console view

We've updated the console view in Xen Orchestra to make it more user-friendly and responsive.

  • Cleaner and simpler layout: the interface looks more organized, so it's easier to find what you need.
  • Faster performance: the console loads faster, which helps if you're working with multiple VMs at once.
  • Easier controls: the improved controls (such as keyboard shortcuts or a clipboard) make it simpler to interact with your VMs, whether you're managing or troubleshooting them.

With these changes, the console is now smoother and more efficient, making VM management a better experience overall.

Czech language support

This month, we’re expanding our language support by introducing Czech! This new addition creates a more inclusive experience for Czech-speaking users, enabling them to interact with Xen Orchestra in their native language.

A huge thanks goes to p-bo on GitHub for making this possible. His dedication and attention to detail have brought this feature to life, once again demonstrating the incredible value of our community.

Whether you’re managing VMs, configuring backups, or exploring advanced settings, you can now navigate everything in Czech.

Card component

Xen Orchestra has a new "card" component that improves the way information is displayed in the interface. It provides a clearer and more polished way to present important details while keeping the interface visually appealing:

The network management view coming with it will be available soon:

Panel

The logical next component after the card is the panel itself:

404 page

We also added a new 404 error page to make it easier to navigate when a page can’t be found. Instead of just showing a plain error message, this page now includes visuals that make the issue clear and less frustrating, and provides helpful links:

This new page reduces frustration by offering clear information and alternatives, helping users get back on track.

Improved user menu

The user menu in XO Lite has been updated to match the sleek design of XO 6, using the same user icon. This change brings a more consistent look across the platforms, making the interface feel more unified and modern.

Also, the user menu now provides quick access to key resources:

  • Access the XCP-ng Documentation straight from the menu to find detailed guidance.
  • Access Professional support
  • Send Feedback and join conversations through our forum

Now, these essential resources are just a click away!

Improved empty table display

We've added a more informative and visually clear placeholder for empty tables throughout the web interface. If no data is available, users will see a message explaining the situation and suggesting relevant next steps or actions, making navigation smoother and the UI more intuitive.

New panel states

We've added visually distinct state cards in the panel. These cards represent specific states like errors, no selection, or loading, so that users can quickly understand the current status of a process or action. The design emphasizes clarity and accessibility, helping users navigate complex workflows easily.

XO 6: host console access

With the latest release, you can open a console session for any connected host directly from the web interface. Whether you need to troubleshoot an issue, run quick commands, or review host logs, everything is just a few clicks away.

XO Lite: console actions

You now have a dedicated side panel with all console actions. Convenient and efficient!

🪐 XO Proxy

Our proxy has grown far beyond its original purpose of scaling backups horizontally. It can now also act as a relay in distributed infrastructures, eliminating the need to set up dedicated private networks.

Showing proxy version

You can now easily check the version of a proxy directly from the Xen Orchestra interface: no need to tunnel in or run CLI commands. This new feature streamlines the user experience, providing instant visibility into the proxy version and making it easier to ensure you’re running the latest updates.

📡 REST API

Our REST API isn’t just easier to use than the older JSON-RPC version—it’s also the foundation for our new UI, making it a future-proof solution for both developers and users.

Manage VIFs when creating VMs via the REST API

You can now manage virtual interfaces (VIFs) through the REST API when creating virtual machines. This makes it easier to configure network settings for your VMs right from the start, eliminating the need for manual adjustments after creation. With this feature, you can specify which network a VM’s VIF should connect to using simple commands, streamlining and automating the setup process.

While this functionality has been available in the Xen Orchestra UI (XOA) for some time, it’s now extended to the REST API. This brings the two closer together and is part of our ongoing efforts to make VM creation via the API just as complete and user-friendly as it is in the UI, step by step.

# The VM will be created with the template's VIFs
xo-cli rest post pools/<your-pool-id>/actions/create_vm \
name_label="mra-vm-from-rest-api" \
template="<your-template-id>"

# The VM will be created with the template's VIFs + one VIF
xo-cli rest post pools/<your-pool-id>/actions/create_vm \
name_label="mra-vm-from-rest-api" \
template="<your-template-id>" \
vifs=json:'[{"network":"<your-network-id>"}]'

# The VM will be created with the template's VIFs, but the VIF with `device 0` will be updated
xo-cli rest post pools/<your-pool-id>/actions/create_vm \
name_label="mra-vm-from-rest-api" \
template="<your-template-id>" \
vifs=json:'[{"device":"0", "network":"<your-network-id>"}]'

# The VM will be created with the template's VIFs, but the VIF with `device 0` will be removed
xo-cli rest post pools/<your-pool-id>/actions/create_vm \
name_label="mra-vm-from-rest-api" \
template="<your-template-id>" \
vifs=json:'[{"device":"0", "destroy": true}]'

🛡️ Air gap features

We’ve reached an important milestone in supporting fully air-gapped infrastructure, enabling the complete lifecycle of XCP-ng, XO, and even XOSTOR in physically disconnected environments.

This functionality is ideal for highly sensitive installations like nuclear power plants, as well as naval ships, offshore oil rigs, or airplanes where network connectivity simply isn’t an option.

To make things easier, we now offer a dedicated service for these growing use cases. Along with this, we’ve prepared a comprehensive guide detailing how to deploy, install, and perform fully disconnected updates across our entire stack.

If you’d like to learn more, feel free to get in touch with us!

🆕 Misc

This month brought a wide range of improvements and new features to the existing interface. As you’ll see, it’s been a busy month, and we’re committed to continuing to refine and enhance the experience for all our users!

Easier Maintenance mode with migration bypass

We've made some improvements to host maintenance in Xen Orchestra to give you more flexibility and control. In the past, entering maintenance mode could get blocked by VMs with "stuck" backup flags, even if no backups were running. This caused delays and slowed things down.

Now, we've added a feature that detects when migrations are blocked during maintenance mode. If something goes wrong, a pop-up will tell you which VMs are causing the issue and give you the option to override the block. You can then go ahead with the forced migration and smoothly transition to maintenance mode without any roadblocks.

This update makes it easier to spot problems, fix them quickly, and have a more predictable host maintenance process.

New control to block or unblock VM Migrations

We’ve added a new feature in Xen Orchestra to give admins more control over VM migrations. You can now easily block or unblock VM migrations with just a click in the Advanced VM tab.

The new Unblock Migration button helps clear specific migration restrictions. If a migration is blocked, the button will appear with a warning, so it’s easy to spot and fix the issue. If the migration isn’t blocked, the button stays grayed out, showing the current state of the VM.

This update makes it easier to manage VM migrations, especially when dealing with things like host maintenance or system upgrades.

Automatic trimming of editable text

Editing names or descriptions for pools, hosts, VMs, and storage repositories (SRs) is now smoother with automatic trimming of extra spaces at the beginning and end. This update automatically cleans up extra spaces, preventing errors and making the interface more consistent and polished.

A new era for the Xen Orchestra documentation

We've made a major upgrade to our documentation platform by migrating from VuePress 1.4 to Docusaurus 3.6. With VuePress no longer maintained, this move ensures that our documentation remains robust, up to modern standards, and able to support more frequent updates.

This change brings Xen Orchestra's documentation in line with our XCP-ng documentation, which is already hosted on Docusaurus. As a bonus, the migration provided an opportunity to refresh and slightly reorganize the content, paving the way for an even more dynamic documentation experience in the future.

Clearer error messages for host key problems

Getting an error due to a small host key can be confusing. Xen Orchestra now provides clearer, more detailed error messages when a host key is too small.

Instead of generic messages, you'll now see a precise explanation of the problem, making it easier to understand what went wrong and how to fix it.

Fixed encoding issues in S3 remote usernames

We’ve fixed an issue that caused usernames to be improperly encoded when connecting to S3-compatible storage. This means no more errors or disruptions during backups and restores—just smooth, reliable operations with your S3 remotes.

CloudBase Init

This one was a bit tricky, but we did it! Xen Orchestra now supports CloudBase Init for Windows VMs, enabling configuration to be pushed in a similar way to CloudInit for Linux.

Behind the scenes, we forked the fatfs library to implement the createLabel function, which is required to properly label disks for Windows VMs. Without this, the disk would be mounted without a label, causing issues during the setup process. We’ve put together a comprehensive README with all the technical details if you want to understand our work.

With this feature, you can now use CloudBase Init to streamline configuration for your Windows VMs—just as you would for Linux!