Xen Orchestra 5.73

XO 5.73 is now available! Enjoy Let's Encrypt in a fully automated fashion to get your XO protected in HTTPS for free.

Xen Orchestra 5.73

The end of the month arrives and with it, a new release of Xen Orchestra. Despite we are in July (which is usually quieter), we managed to deliver two new features. Moreover, our teams take advantage of this holiday period to fix bugs and lay the groundwork for big new features.

🔒 Integrated Let's Encrypt support

For people who want to publicly expose Xen Orchestra, having a valid HTTPS certificate is vital. For a long time now, you can configure Xen Orchestra to deploy your own certificates (self-signed or not). However for some of our users, they wanted to enjoy the flexibility and the simplicity of Let's Encrypt certificates. This brings free valid HTTPS certificates without even having to renew them, because Xen Orchestra will handle that for you!

To configure your Xen Orchestra Appliance with Let's Encrypt, it's very simple:

  1. Add an entry autoCert = true and an entry acmeDomain = example.org in the HTTPS section of your XO configuration file
  2. Load https://example.org in your browser
  3. After a few seconds, the certificate will be auto generated and installed

More complete documentation is available at this page.

This new feature will also auto renew your certificate 30 days before expiration! And unlike "normal" certificates, no need to restart xo-server to enjoy your renewed certificate!

📡 REST API: ISO import

Previously, disks could only be imported in the VHD format, this release brings the raw format support which is especially useful to upload new ISOs:

curl \
  -X POST \
  -b authenticationToken=KQxQdm2vMiv7jBIK0hgkmgxKzemd8wSJ7ugFGKFkTbs \
  -T alpine-linux.iso \
  'https://xo.example.org/rest/v0/srs/5abb8fcc-98f9-49e2-9164-5259c8a5fe89/vdis?raw&name_label=alpine-linux' \
  | cat

The documentation has been updated to reflect this new feature.

🔭 XO Lite

As you may have noticed, the development of XO Lite has not been very fast the last few months. Recently, we welcomed a new full-time developer and a lot of discussions have been taking place around XO Lite. From these exchanges, the choice was made to restart the project from scratch, on a new technological basis and we therefore abandoned the Webpack + React stack in favor of Vite + Vue.

In addition to the intrinsic advantages of the framework (lightness, performance, documentation, modularity, Single File Components, Composition API…), we also have the advantage of having a developer with several years of experience in Vue as well as a team enthusiastic to embrace this pivot. Since we have a great web designer, we also abandoned the usage of the Material UI components library in favor of creating our own components based on the mockups made by Clémence (see this previous blog post about it).

Additionally, the first version of XO Lite used the xen-api Node module, which required the use of many polyfills for the browser. We have therefore decided to develop, in parallel to XO Lite, a new "xen-api lite" library, exclusively dedicated to the browser.

As a result of these decisions, the velocity on the development of the new version of XO Lite has exploded and in just a few weeks we have surpassed the level of the previous version that was developed for almost a year. This is great news, especially since XO Lite will be the basis of the future XO 6.

As you can see below, many things are added, including a powerful filter system, a dark mode and other components!

🧪 XO 6 Devblog

As you know, one of the big projects this year in addition to the creation of XO Lite, is the new major update of Xen Orchestra: Xen Orchestra 6.

Our XO CTO, Julien has written a dedicated blogpost to tell you more about the technological choices we made for Xen Orchestra 6:

XO 6: what’s on the horizon
A quick review of our progress on XO 6 front, the full rewrite of Xen Orchestra UI and part of the server!

💾 The future of backup

Recently, you might have seen some changes in our backups, like the use of what we call "VHD directories". It was a needed storage format change to be compatible with the S3 protocol, but it was also a very good basis to add new features in the near future.

The first one is remote level encryption: giving you the ability to encrypt all the files in a backup repository with AES 256, allowing you to store your backups in a non-trusted location. Since the key isn't stored with the backup, your data is safe!

Another big topic is related to backup speed. We are experimenting with an alternative way to fetch the VM disks, making use of the NBD server present since Xenserver 7.3 (and XCP-ng since 7.4) with our delta snapshot functionality. Our preliminary results are very promising: it's not only a lot faster to export versus the VHD handler, this will also decrease the dom0 CPU usage during the transfer!

The next steps will be backup tiering: backup to a storage repository, and then asynchronously transfer the data to another slower storage . This will allow you to backup to something like Amazon Glacier for example.

Then, we are also working on providing backup repository deduplication, with the target of reducing data transferred by 20-30%. This will be possible to configure "per backup repository".

Finally, and in parallel of all of this, we are committed to making continuous improvements with our backup code, to make it more resilient (retry on failure, faster resuming) and more transparent for the user (progress bar, more alerts, ...). All of that with new methods available directly in the REST API, so you can monitor actively AND passively the status of your backup jobs.

🧬 Pricing evolution

Our pricing will evolve this fall (end of Q3 or start of Q4). There are many reasons for this, past and future. We are telling you everything about it in a dedicated blog post. We share everything in a transparent way as we always do:

XO pricing evolution
A review on our pricing evolution, since we started to today, and why we must adapt.

Also, we'll introduce new offers in the next months: indeed, since most of our new customers are coming from the VMware world these days, we need to provide "bundled" offers containing the whole stack in one product, so it's easier to purchase and understand. Obviously, we'll keep the "standalone" offers available, but the new ones will be an attractive option to get both XCP-ng and XO together.

🤝 A new partnership

We are also happy to announce a new partnership with Excellerent, a US-based company providing technological and human resource solutions to deliver digital transformation. Read this blog post to get more details:

Vates and Excellerent partnership
Vates and Excellerent Technology Solutions are proud to announce the signing of their partnership agreement.