Xen Orchestra 5.90

Xen Orchestra 5.90 marks a significant milestone for backup and XO Lite.

And this is it! The final release of the year marks the end of an incredibly significant 2023 for everyone on our team, as well as for our vibrant community.

🎵
As usual, our release is available both on YouTube and Spotify in podcast format.

🧑‍🚀 Project & Community

With each Xen Orchestra release, we seize the moment to update you on the progress of our ongoing projects and share exciting developments within our community. There's a lot to discuss, as 2023 was a pivotal year for Vates.

Our new bundles

An essential update: the future of our commercial offerings. We've dedicated time to meticulously develop what we believe is the finest product available, integrating the complete stack with straightforward pricing and offerings.

Introducing Vates Virtualization Management Stack
In 2024, we are going to introduce new offerings that will embed both XCP-ng Pro Support and Xen Orchestra Appliance: the Bundles.

Release of Linux/BSD Rust Guest Tools

We're excited to report substantial progress on the VM/guest tools for Linux & BSD. A new version has now been released and is readily accessible in the Debian/Ubuntu repositories. Its performance is outstandingly quick, decisively surpassing the speed of XenServer guest tools written in Go, especially in terms of reporting VM data. The new tools can relay guest information on boot in just a few milliseconds, compared to the minutes previously required.

Rust guest tools 0.3.0
Discover the seamless integration and enhanced functionality of the new Rust guest agent in its latest 0.3.0 version for Linux and BSD systems.

New release of our Terraform provider

If you want to learn more, the changelog is available here:

Release v0.26.0 · terra-farm/terraform-provider-xenorchestra
What’s Changed [New feature] Allow VM resource’s power_state to be managed by @ddelnano in #278 [Security fix] Bump golang.org/x/net from 0.13.0 to 0.17.0 by @dependabot in #273 [Security fix] Bum…

A fresh ISO for XCP-ng 8.2.1

We're thrilled to unveil the updated installation images for XCP-ng 8.2.1.

Updated installer for XCP-ng 8.2.1
We are happy to announce the release of updated installation images for XCP-ng 8.2.1, with better hardware support and all the updates since the initial 8.2.1 release.

It includes all the security and maintenance updates published since the initial release of XCP-ng 8.2.1 (almost 2 years ago!), as well as improved hardware support and drivers.

Now, let's redirect our focus to this Xen Orchestra release! We're eager to dive back into discussing the latest enhancements and features that make this update noteworthy.

💾 Backup

In line with our tradition, this release introduces some exciting new backup features. We're also giving you a sneak peek into the extensive work being done behind the scenes as we gear up for the next major leap forward.

Add tasks for NBD enabled backup

With the introduction of NBD-capable backups, we've observed a significant increase in backup speed and a decrease in CPU load on the host. This efficiency has encouraged more users to adopt this method. However, unlike the traditional VHD transfer method, NBD exports don't display as an export task, leading to some confusion. Users have found it difficult to discern the progress of a transfer, which is a valid concern.

To address this, we've decided to implement a new feature: the generation of a XAPI task for NBD transfer via Xen Orchestra.

This task will not only indicate when an export is underway but will also track its progression in percentage. This enhancement brings clarity and transparency to the backup process, allowing you to monitor the status of your backups directly from XO Lite or the xe CLI, ensuring you're informed no matter where you are or what interface you're using.

An NBD transfer is now visible in the task view

Utilizing NBD for backups has proven to be significantly faster and more resource-efficient. This efficiency stems from the streamlined export process NBD employs, which minimizes the "translation" layers involved, thereby accelerating the operation and reducing CPU usage. However, the advantages of NBD extend beyond speed and resource conservation. It introduces several functionalities that are unattainable with traditional VHD exports, including:

  • the ability to pause and resume downloads
  • the flexibility to seek any position within the data blocks
  • the option to customize the number of data blocks downloaded simultaneously
  • the capability to download multiple blocks in parallel

It's this last feature that we've put to the test, and the results are promising, particularly in addressing a well-known challenge: enhancing backup speed over high-latency connections. By leveraging the ability to download blocks in parallel, we've significantly mitigated the impact of distance and network delays, ensuring faster, more reliable backups regardless of your geographic location or network conditions. See the impressive results below!

Mitigating the impact of latency on backup speed

Latency can significantly hinder backup speed, especially when the backup repository is located far from the production setup. Under ideal conditions (latency <1ms), NBD can facilitate impressively high speeds, exceeding 250 MiB/s. However, as the distance to the storage increases, you'll notice a substantial drop in backup speed, a phenomenon consistent across both NBD and VHD export methods:

Here's the crucial difference with NBD: it allows for the simultaneous download of multiple blocks. Leveraging this capability can drastically alter the performance landscape:

Implementing parallel block downloads with NBD can significantly mitigate the impact of higher latencies. For instance, a 10ms latency link, which would typically slow down the process, becomes almost negligible with this approach. The speed enhancement is remarkable, with parallel downloads proving to be more than five times faster.

Even for backup repositories (BR) located at considerable distances (20ms latency and beyond), the speeds remain within a usable range. This makes remote backups more feasible and efficient.

💡
Beyond 50ms Latency: when dealing with extremely high latency (over 50ms), the most effective strategy is to first make a local backup using XO Proxies and then employ the Backup Mirror feature to asynchronously transfer the data to a distant site.

To tailor the backup process to your specific needs and infrastructure, you can adjust the number of NBD connections per exported disk. This setting is accessible in the Advanced backup job section and allows for further customization to optimize performance according to your network conditions and backup requirements:

Advancements in on-prem immutability

We're making strides in enhancing data protection with our ongoing work on immutability, particularly for on-premises environments. While it's currently possible to secure your S3 backups using the "object lock" policy available through your S3 provider's console (like AWS), our focus is on providing a direct, on-premises solution that doesn't rely on external providers.

We've made significant headway in preparing the immutability feature for an upcoming release. Our objective is to establish a Backup Repository (BR, or "remote") that Xen Orchestra can write to but cannot alter during the predefined immutability period. This restriction ensures that backups cannot be deleted, tampered with, or held ransom (encrypted) during this time, safeguarding them against ransomware attacks as long as the attacker doesn't have root access to the BR.

☝️
In data protection, governance mode allows select admins with root access to modify immutability settings, offering flexibility while safeguarding data. Compliance mode, on the other hand, locks settings so no one, not even admins, can alter them, meeting stringent regulatory standards. However, on your own hardware, physical access can override these protections. Choosing between governance and compliance depends on your security needs and trust in administrators.

We're targeting a governance type of immutability, where the local root account of the remote server retains the capability to override the immutability settings. This approach relies on the file system's capabilities, which we assess at the start of the protection process. Notably, this method is compatible with Xen Orchestra's encryption at rest feature. Both the protection and lifting processes require root access on the BR/remote. Upon initiation, the protection process records its status in the remote's metadata.json file, detailing the most recent protection applied and lifted.

To ensure robust immutability, it's crucial that Xen Orchestra does not control the immutability parameters directly. Your backups must remain secure even in the event of a compromise within Xen Orchestra. Consequently, achieving true immutability will always necessitate an "external" program and/or configuration independent of Xen Orchestra.

Our current testing phase is yielding promising results. Stay tuned for updates early in 2024 as we prepare to launch the first usable version of on-premises immutability. This feature aims to provide an added layer of security and peace of mind for your infrastructure's backup strategy.

🏷️ Scoped tags

Tags are incredibly versatile, used for everything from Smart Backup modes and sorting VMs to creating custom views and facilitating IT automation. But what if we could enhance their utility further? Enter scoped tags.

These allow for more nuanced categorization, perfect for when you have similar tags across different projects or clients but need to distinguish context. For instance, a "database" tag might have different implications in production vs. development environments. Our solution? Use scoped tags like "prod=database" and "devel=database" for clear, context-specific labeling.

You can also imagine having scopes by customer:

But you can also use emojis:

The potential applications for this new feature are as diverse as your needs, offering you the flexibility to optimize its use in your unique scenarios.

🆕 Misc

Santa is also delivering many improvements… Take a look! 🎁 🎅

http.useForwardedHeaders

You can already run your XO behind a reverse proxy (Nginx, HAProxy…), but XO will only be able to log the IP address of the reverse proxy, not that of the end user, which isn't very useful in your logs or for security audits.

That's why we added the capability to take client IP addresses from the X-Forwarded-* headers. To enable it, add the following to your config.toml file:

[http]
useForwardedHeaders = true

If you only want to honor the headers coming from your "validated" reverse proxies, replace true with a list of trusted addresses (i.e. your reverse proxy hosts); with true, the headers are honored whatever the source of the request.

SAML improvements

The improvements to SAML (Security Assertion Markup Language) integration in Xen Orchestra focus on enhancing security, particularly for sensitive applications. Initially, with a valid ongoing session, users wouldn't need to re-authenticate to access Xen Orchestra. However, for added security, especially when accessing sensitive software, it's sometimes preferable to require users to re-authenticate to confirm their identity.

The updated feature in the Auth SAML plugin for Xen Orchestra addresses this need by allowing an option to enforce re-authentication for all users, regardless of their session's validity. When enabled, this feature ensures that users and administrators must re-authenticate against the designated authentication provider, adding an extra layer of security known as "defense in depth." This means that even if a session is hijacked or otherwise compromised, the attacker would need to authenticate again, providing a significant barrier to unauthorized access. This improvement is particularly useful in environments where security is paramount, and user credentials need to be verified regularly to protect sensitive data and systems.

Change memory in a running VM

Adjusting the "static" memory allocation traditionally necessitates halting the virtual machine (VM), modifying the memory settings, and then restarting the VM. To streamline this process, we've introduced a simplified "two-click" method. When you alter the VM's static memory, Xen Orchestra (XO) recognizes if the VM is active and presents the following popup:

Now, with a single click on "Reboot," XO will automatically shut down the VM, apply the memory change, and restart it. This enhancement significantly reduces the steps and time needed to adjust memory in a running VM, making your daily operations more efficient.

Better error message on XO CLI

XO CLI needs to be "registered" (i.e. logged in) on the XO server before doing anything. However, it wasn't obvious if you had missed this step, especially because of a cryptic error like:

✖ TypeError [ERR_INVALID_URL]: Invalid URL

Not great, indeed. Now you get much more explicit feedback:

Please use `xo-cli --register` to associate with an XO instance first.

See `xo-cli --help` for more info.

📡 REST API

We made some changes to the REST API and added more endpoints to manage XO via simple HTTP requests.

Expose mirror, metadata & config backup jobs

You can now request all existing metadata and mirror backup jobs from our REST API. It's very easy to fetch them: just do a GET on /backup/jobs/metadata and /backup/jobs/mirror respectively.

Other changes

We also made various changes to the URLs, but for every change we put redirections in place, so it's transparent for you. First, /backups has been renamed to /backup. Then VM backup and replication jobs have been moved from /backup/jobs/:id to /backup/jobs/vm/:id.

🚀 XCP-ng 8.3 features

The latest features of Xen Orchestra (XO) are tailored for the newest, not-yet-in-production version of XCP-ng: 8.3. Here's what's new:

Show/edit IPv6 PIFs

With XCP-ng 8.3, you can now configure IPv6 settings directly on the host's physical interfaces. This long-awaited IPv6 support allows for more complex networking configurations and modern protocol support.

Enhanced coalesce detection

XCP-ng 8.3 introduces improved detection of ongoing coalesce tasks. The user interface has been refined to show which Storage Repositories (SRs) are currently coalescing across multiple views. This enhancement provides a clear, real-time insight into storage activities, helping you understand and manage storage performance better.

🔭 XO Lite

As we wrap up 2023, we're excited to introduce the first "functional" iteration of XO Lite. Key updates are displayed here, but you can also take a look at the official changelog.

XOA quick deploy

Deploying a Xen Orchestra virtual Appliance is now straightforward from the XO Lite interface. This new feature ensures you retain all capabilities known from the previous interface, streamlining the deployment process.

Number of running VMs in the tree view

To provide a clearer overview of your environment, we've added a small indicator ("pill") next to each host in the tree view. This indicator displays the number of running VMs, offering a quick snapshot of activity and load:

Better status panel component

We've paid attention to the finer details too. The status panel component now boasts better alignment, with all content correctly centered vertically. By using a generic component for all entries, the panel's readability and aesthetic appeal are significantly enhanced.