Xen Orchestra 5.109

It’s mid-summer up here in the Northern Hemisphere, and while many are taking a break, things haven’t slowed down on our side. This month’s release is a good opportunity to look back at what’s been moving: XO 6 is progressing well, same for our work on Windows PV drivers, and we’re running some interesting tests on XCP-ng too.

Security updates? Still coming. And the backup engine we started rewriting months ago? It’s now considered stable.

Both XO 6 and XO Lite are gaining momentum: we’re on track with our goals. And to wrap it up, don’t miss the user feedback on how the auto health check backup feature saved their day. Real stories like this matter.

Enjoy the update!

👨‍🚀 Project & Community

What’s going on at Vates? A lot, and not just on the XO side. We’ve got updates on XCP-ng, a current status on Windows PV drivers, a fresh recap on XO 6… and honestly, so much is coming in September that we’re not even sure how we’ll announce it all.

Your own GPU-Powered LLMs with XCP-ng?

Ever wondered if you could spin up a dedicated LLM VM right inside your existing virtual infrastructure? Short answer: yes.

But why would you want to? Start here with the reasons behind it:

Building an AI-ready infrastructure with Vates VMS

AI is transforming industries and reshaping how companies approach infrastructure. Beyond performance, key questions emerge around security, sovereignty, and technical capabilities, especially as organizations consider where and how to run their AI workloads.

Vates BlogMarc-André Pezin

And yes, it works, even with aging hardware. You’ll see how easy it is to assign a GPU to a VM without affecting the rest of your setup. Follow our step-by-step guide:

Your own GPU-Powered LLMs with XCP-ng

Discover how easy it is to deploy a fast, local AI assistant on your infrastructure using XCP-ng and a single GPU.

XCP-ng BlogOlivier Lambert

No more excuses. It's time to run local LLMs!

Inside the making of Xen Orchestra 6

We didn’t start XO 6 just for fun, there were real needs behind it. Over the years, infrastructures have grown massively, and we hit some clear limits with the old architecture. So instead of patching over them forever, we decided to build something better from the ground up: cleaner, faster, and more future-proof.

This article explains the reasoning behind the project, where we are today, and what’s coming next:

Inside the making of Xen Orchestra 6

Xen Orchestra 6 is taking shape. From a redesigned UI to deep architectural changes, this new version brings better performance, improved workflows, and modern DevOps integrations, all shaped by community feedback and real-world use cases.

Xen Orchestra BlogMarc Pezin

But let’s talk numbers. Here’s a glimpse at performance on our reference setup: 1000 VMs, across 20 pools and 40 hosts:

And that’s just scratching the surface. Obviously, smaller setups won’t notice much, but for those managing larger infrastructures, the difference is huge. We’re seeing more and more deployments worldwide with 10,000+ VMs, and for those environments, XO 6 isn’t just “nice”, it’s essential!

Load times are slashed, responsiveness is way up, and the whole thing becomes actually pleasant to use. And this is just the beginning.

Windows PV drivers: updates and roadmap

If you’re running any Windows VMs, this is a must-read. We’re proud to announce that Vates is now officially part of the Windows PV drivers maintainer team upstream in the Xen Project. It’s a strong signal of our long-term commitment: we’re not just using the stack, we’re helping to build and maintain it at the source.

But there’s more. We’ve also made solid progress on our downstream work, with concrete improvements already available for our users.

Check out the full update here:

Windows PV drivers: update and roadmap

From downstream fixes to upstream collaboration, here’s where we stand with Windows PV drivers. And where we’re headed next!

XCP-ng BlogTu Dinh

XCP-ng updates

This month brought a solid round of updates on the XCP-ng side, especially focused on security. As usual, we’re making sure both LTS versions stay up to date, with quick responses to upstream advisories and ongoing improvements from real-world usage.

If you're still running XCP-ng 8.2 LTS, note that it will reach end-of-life in just a few months. Now’s a good time to start planning your upgrade to 8.3 if you haven’t already.

In the meantime, you can find the latest 8.2 security updates here:

July 2025 Security and Maintenance Update for XCP-ng 8.2 LTS

New security and bugfix updates are available for XCP-ng 8.2 LTS.

XCP-ng BlogSamuel Verschelde

The AMD XSA is also available:

July 2025, Security Update #2 for XCP-ng 8.2 LTS

New security updates are available for XCP-ng 8.2 LTS.

XCP-ng BlogGaël Duperrey

As for XCP-ng 8.3, we’ve released two separate update trains. First, a batch of general fixes and improvements:

July 2025 Security and Maintenance Update for XCP-ng 8.3 LTS

New security, bugfix and enhancement updates are available for XCP-ng 8.3 LTS.

XCP-ng BlogSamuel Verschelde

Then, a dedicated update addressing the AMD-related security advisory (XSA-471). Stay up to date: especially when security is involved.

July 2025 Security Update #2 for XCP-ng 8.3 LTS

New security and bugfix updates are available for XCP-ng 8.3 LTS.

XCP-ng BlogGaël Duperrey

Alright, now let’s dive into what’s new in this July release.

💾 Backup

It’s been three months since we released the major overhaul of our backup code, and the results are in: things are looking solid. After extensive testing and real-world usage, we’re happy to report it’s now stable enough to promote it to the stable channel, starting with last month’s release.

Curious about what changed and why it matters? Check this previous blog post:

Next-gen XO backup engine: beyond VHD

Discover how we’re building a smarter, format-agnostic backup system to meet the demands of tomorrow’s infrastructure.

Xen Orchestra BlogOlivier Lambert

Better error reporting on remote read failures

When a restore failed due to an incomplete backup file (like a legacy VHD that couldn’t be fully read), the error message was often vague and not particularly helpful. This understandably led some users to reach out to support just to figure out what went wrong.

We’ve now improved the error handling: if a remote can’t provide the full file during a restore, you’ll get a much clearer and more actionable message. Troubleshooting these cases should be far easier from now on.

Saving the day

Here’s a real-world story that perfectly illustrates why backup verification matters.

One of our users had a backup stored on a NAS using NFS. Everything looked fine, the backup completed successfully. But later, the NAS started failing silently, and the disk storing that backup became corrupted. The user wouldn’t have noticed… if not for the Backup Health Check feature in Xen Orchestra.

That’s what flagged the issue: long before they actually needed to restore anything. Without it, the corrupted backup would’ve gone unnoticed until it was too late. Instead, they had time to react and ensure their data was truly safe.

This is exactly why we always say: a backup you haven’t tested isn’t really a backup. In this case, that one check made all the difference. It might just save your day too.

🥝 Core UI

Work on the Core UI is moving along nicely: all part of our plan to make the new interface the default for Xen Orchestra in the next few months. Bit by bit, we’re closing the gap with the current UI while also bringing a much more modern and streamlined experience. Stay tuned, it’s coming together fast!

Updated progress bar design

We've updated the progress bar in the web interface to better reflect our current design system.

The new progress bar keeps the same behavior, while giving XO 6 and XO Lite a more unified look and feel. It's a small visual update, but is part of a broader effort in modernizing the interface as a whole.

Data ruler component

We’ve added a new UI component called DataRuler. It's designed to present storage or memory usage in a compact and readable format, featuring clear visual markers. 

Like the updated progress bar, this addition is part of our ongoing efforts to align the UI with our latest design system.

New icon system

In XO 6 and XO Lite, we've transitioned all icons to a new, unified system. This update enhances consistency throughout the interface and simplifies future design updates.

You'll notice smoother visuals and better integration with the overall design system, resulting in a cleaner and more modern UI.

🛰️ XO 6

AlarmItem component

We're introducing a new AlarmItem component, which displays the important messages more clearly. It makes spotting issues easier and helps you react faster. This building block will further improve how notifications and warnings are shown, as we continue to refine the user experience.

Server connection page 

We've added a special page for connecting to a new server. It enables you to add a host to your environment by rapidly entering information like the IP address, proxy URL, username, and password.

Starting a new server is made simple with this new page. No more navigating intricate menus!

Pool dashboard

Now the Pool default view (Dashboard) is available and displays a recap on the pool.

Another extra view finished, we are on schedule for December and getting finally a release of XO starting with 6.0!

Alarms in the site dashboard

The site dashboard has been updated with a new section called Alarms. This component gives you a quick overview of active alarms across your infrastructure, so you can spot issues faster and respond quickly to any developing situation. While it is a small addition, it remains a building block to make monitoring easier at a glance.

🔭XO Lite

XO Lite, our lightweight, embedded UI bundled with XCP-ng 8.3, continues to benefit from the progress made on shared components with XO 6. And speaking of that…

Migrating XO Lite to Core components

We've updated XO Lite by replacing its old components with the Core components used throughout Xen Orchestra. This change helps maintain a cleaner codebase and ensures a more consistent experience.

By utilizing the shared Core components, XO Lite can benefit from continuous improvements and bug fixes without additional effort, making the interface smoother and more dependable.

🪐 XOA

We updated our XO Hub with a refresh of Ubuntu 24.04. Even if it's minor, we used that opportunity to use even more automation, so expect other updated templates soon!

📡 REST API

Our REST API is becoming widely used and replacing almost entire our JSON-RPC API, at least for the most used endpoints. And in the meantime, we are also improving this new API via our Swagger.

New endpoints documented in Swagger

We've added more endpoints to Swagger, as part of our effort to enhance the API documentation since the 5.104 release:

• Alarms (Hosts, networks, PIFs, pools, SRs, VBDs, VDIs, VDI snapshots, VIFs, VM controllers, VM snapshots, VM templates and VMs)
• Pools (dashboards, stats)
• Groups (create, update, delete)
• User (create, update, delete)

Now that these endpoints are documented and available in Swagger, developers and integrators can more easily understand how they operate, test them and build around them.

This is one more step in our long-term goal to make the entire Xen Orchestra API clearly documented and OpenAPI-compliant. You can read more on this previous blog post.

☸️ DevOps Tools

Even with much of the team away in July, we still managed to ship a few improvements, because progress never really stops.

New release of our XO Cloud Controller Manager

It’s still early days, but we’ve just published a new release of the XO CCM. One neat addition: if you migrate a VM that’s used as a Kubernetes node, the new resident host will now be automatically synchronized at the Kubernetes level.

Pretty cool, right?

If you want to learn more about this feature:

feat: add cloud-node-label-sync controller to sync labels with actual XO VM state by nathanael-h · Pull Request #9 · vatesfr/xenorchestra-cloud-controller-manager

Pull Request What? (description) A new controller has been added to synchronise node labels with the current state of the VM. This means that the zone and region labels are no longer immutable, but…

GitHubvatesfr

All our CCM releases are available here:

Tags · vatesfr/xenorchestra-cloud-controller-manager

Kubernetes Cloud Controller Manager for Xen Orchestra - Tags · vatesfr/xenorchestra-cloud-controller-manager

GitHubvatesfr

New Pulumi XO provider release

We’ve just released an updated version of our Pulumi provider for XO! This includes improvements to disk lifecycle management, reflecting the same fixes we made in our Terraform provider last month.

A good sign that we’re committed to supporting both tools equally: no favoritism here (go Pulumi, go! 😂)

Release v2.1.0 · vatesfr/pulumi-xenorchestra

This new version builds on the improvements to the Terraform Provider regarding the disk lifecycle of a VM. (see the provider release ) Does the PR have any schema changes? Looking good! No breakin…

GitHubvatesfr

🐦 VMware to Vates (V2V)

We keep migrating more and more users away from the Broadcom/VMware ecosystem to the Vates stack (XCP-ng + Xen Orchestra). And our V2V migration tool plays a key role in making that transition as smooth as possible.

But we’re not stopping there.

New V2V backend with nbdkit and VDDK

We’re currently testing a new backend for V2V migrations, built around nbdkit and VMware’s Virtual Disk Development Kit (VDDK). While our current in-house system has done a good job, it starts to show its limits on heavier workloads: slower transfers, higher load on the ESXi host, and no support for disks over 2 TB.

With this new approach, VMware disks are exposed over the NBD protocol, giving us:

• Better performance
• Lower load on the source host
• Support for warm migrations regardless the ESXi versions
• Cleaner, more maintainable code
• No more headaches with handling different VMDK formats

There’s one manual step: users will need to upload the VDDK library to Xen Orchestra. But once that’s done, the benefits are well worth it.

We’re still polishing the tooling (including snapshot support and socket-based communication), and we’ll soon publish clear documentation to guide you through installation and checks.

This is a big step forward in making migrations even faster, safer, and simpler.

📖 Documentation & guides

Good documentation is key to understanding your tools, and getting the most out of them. This month, we focused on filling in some of the missing pieces where features existed but weren’t clearly documented.

Backup scheduling

We’ve updated the Xen Orchestra documentation to better explain how backup scheduling works.
You’ll now find details on how to view existing schedules, create new ones, and configure all the relevant parameters.

Clearer docs mean fewer surprises — and fewer questions!

🌐 Translations

Making Xen Orchestra available in multiple languages wouldn’t be possible without the help of our amazing community. Every contribution makes the platform more accessible and helps grow the user base worldwide.

Weblate - web-based localization

Copylefted libre software, used by over 2,500 libre software projects and companies in over 165 countries.

Weblate

6 languages updated

A big thank you to our community for their ongoing efforts in translating Xen Orchestra!

This month, special attention was given to Czech, German, Spanish, Italian, Dutch, and Russian.

Want to help translate Xen Orchestra or improve existing translations? You’re more than welcome to join in here.

🆕 Misc

That’s not all! As always, we’ve made a number of smaller improvements that don’t fit neatly into a single category, but they all add up to make Xen Orchestra more powerful, practical, and enjoyable to use. It’s the kind of progress that quietly improves your day-to-day experience.

Clearer messages in the snapshot table

This one caused confusion for quite a few users. Technically, a VM snapshot in XCP-ng is just a regular VM with a snapshot: true flag — but that detail isn’t always intuitive when you're managing snapshots.

So we improved the messaging in the snapshot table, especially when removing snapshots. The goal: make it much clearer what’s happening, without needing to understand the low-level details.

Confirmation for deletion, even on a single item

We heard your feedback: deleting something like an ACL or a backup (even if it’s just one item) can be risky. To help avoid accidents, we’ve added an extra confirmation modal, even for single-item deletions. A small change, but one that adds a bit more peace of mind.

Show supported image formats in storage repositories

Xen Orchestra now displays which image formats are supported by each storage repository (SR) and VM disk. When creating a new SR or virtual disk, the UI will automatically show you the supported formats, making it easier to pick the right one without guesswork.