Xen Orchestra 5.93

Many announcements but also cool new features for this 5.93 release!

In the latest Xen Orchestra release, we are talking about exciting advancements: many new partnerships, but also improvements and bug fixes in backup functionalities, VMware to Vates (V2V) import capabilities, and high availability features directly manageable from Xen Orchestra. Furthermore, USB passthrough is now more accessible, and there's notable progress on Project Pyrgos for Kubernetes cluster creation.

The update also focuses on user experience improvements with various UI enhancements.

🎵
And here is the podcast version of the release!

👨‍🚀 Project & Community

March was also a very, very busy month. Since CloudFest, we have announced so many things that I don't know where to start!

Back from the CloudFest

If you want to read what happened there, you can read the full recap here:

CloudFest 2024: highlights
CloudFest 2024 has been a landmark event for our team, filled with pivotal announcements and significant moments. While you may have caught some of the headlines last week (see below), there’s much more to share about our experiences and the promising opportunities that unfolded! Bringing modern virtualization in the Arm-powered

To put it simply, we connected with hundreds of people, showing them how our technology works through many live demos, including with a real server at our booth. We also had great talks with big companies like OVH, Hetzner, HPE, SuperMicro… which was really exciting for us!

But first, let's focus on the actual partnership we announced 👍

Our first OEM partnership with a server manufacturer

In partnership with 2CRSi, known for their efficient and powerful computing solutions, we, at Vates, are introducing an important advancement in server technology: the Mona series, powered by AMD, bundled with XCP-ng out-of-the-box!

Simplifying IT: 2CRSi’s Mona Servers with XCP-ng Onboard
Vates announces a partnership with 2CRSi at CloudFest! Discover Mona servers with XCP-ng pre-installed, simplifying server management and enhancing Xen Orchestra integration for a seamless out-of-the-box experience

Read the article to learn more about the great tech specs of those machines, and if you are interested, please let us know in the form. The exact pre-configured models are not set yet: we want to discuss that with you so we can provide the best configurations available!

A new partner: IONOS, hosting/Cloud provider

Yes: we've teamed up with IONOS, a giant in cloud services, and we are working to get our virtualization platform XCP-ng as a "turnkey" option (i.e. pre-installed) on the servers you want to rent. This is all about making it simpler for you to set up your own private cloud, offering an alternative to the usual options, such as a hosted VMware environment.

Vates and IONOS partnership
Discover how our partnership with IONOS will help you to deploy XCP-ng very quickly on a turnkey environment.

But first, to build the best offers, we need to know exactly what kind of offers you would be interested in: how many machines, the environment and so on. With this kind of information, IONOS and Vates can build together the offer best suited to your business. So please fill in the form so we can keep in touch: you'll have someone from both Vates and IONOS on the line to understand your requirements!

We need your feedback to build those offers!

Technological collaboration with Ampere Computing

Bringing modern virtualization in the Arm-powered Datacenter
Learn about our exciting collaboration with Ampere Computing, a major stride in advancing efficient virtualization within the datacenter.

We are thrilled to announce the start of a technical collaboration project between us and Ampere Computing, a pioneer in energy-efficient and high-performance Arm-based processors. This is not a "short term" collaboration; in fact, pretty much the opposite. It's a commitment to open our world from x86 to Arm in the datacenter. The road is long, but we now have a powerful ally to help us deliver a battle-tested solution on top of their cool CPUs!

VEEAM as supported agent-based backup solution

If you are a VEEAM fan, be assured that you can use VEEAM agents in XCP-ng VMs to do your "application-aware" backups. We added it to the XCP-ng documentation. Note that we have many users here coming originally from VMware and VEEAM who find Xen Orchestra easier to use for VM backups. However, if you are a hardcore fan of it, feel free to let VEEAM know about it, so they can build a native VM backup capability into it.


And now, it's time to talk about our XO release! The full changelog is available here.

💾 Backup

This month, while we didn't introduce new features in the backup area, we focused on enhancing existing functionalities and resolving bugs. Most notably, after years of refinement, we're proud to announce that our S3-backup feature has achieved stable status, having operated flawlessly for months. Similarly, our backup encryption has proven its reliability and moves beyond beta to be deemed production-ready.

🐦 VMware to Vates (V2V): another import capability

Our current process for importing VMs from VMware directly connects to your ESXi host or vCenter to pull all VM metadata and data, streaming this content into XCP-ng. For older VMware versions, we can reduce downtime significantly. However, for VMware versions above 6.5 using VMFS, disk file locks prevent snapshot exports. To address this, we’ve introduced a workaround:

  • On VMware, you'll need to create an NFS datastore and migrate your VM disks to it.
  • In Xen Orchestra, connect to this NFS datastore and name it [VMWARE]datastorename, where datastorename is the exact name of the datastore on the VMware side. This connection allows Xen Orchestra to bypass the disk locks and directly fetch VM disks from the NFS share, facilitating a smoother import process regardless of the VMware version.

This new method provides flexibility and efficiency in VM imports, offering a solution to the challenges presented by newer VMware versions.

🔄 High Availability

While it was possible to set it with the xe CLI before, it's now possible to enable XCP-ng HA directly from Xen Orchestra. First, please read more about it in our XCP-ng documentation:

High availability | XCP-ng Documentation
High availability (or HA) in XCP-ng world is the ability to detect a failed host and automatically boot all the VMs that were running on this host to the other alive machines.

Then, to enable it, you need to go in the Pool "Advanced" tab and toggle the "High Availability" setting:

Then, a modal window will let you set the heartbeat SR:

You can also disable it easily, which is required for every maintenance task:

⚠️
High Availability (HA) management requires thorough understanding before activation, as improper use can ironically decrease service availability. Enabling HA in an unstable network or storage environment may lead to frequent host reboots and lower uptime. The essential consideration is whether HA is a desire or a necessity for your business operations; if it's merely a want, it might be best to reconsider its implementation.

🔭 XO 6 and XO Lite

We continue to work on the new UI, both for XO 6 and XO Lite, sharing the same base components.

New components

This month, we've introduced numerous new components, closely aligned with the design system we unveiled last month. We're nearing completion on crafting these from the UX designs, setting the stage for their integration into the new user interfaces for both XO 6 and XO Lite. The progress showcases the extensive effort put into development recently. Although not all components are displayed here, it gives a glimpse into the work accomplished.

The tag component
The "chip" component
The UiCounter component

Our intensive development phase is nearing completion, preparing us to start incorporating the newly developed components into the XO Lite and XO 6 interfaces. With this groundwork laid, you can anticipate seeing tangible updates in the UI next month, marking a significant milestone in our project's progress.

⚖️ Load balancer

We've introduced a feature in the load balancer plugin allowing the spread of VM vCPUs across the maximum number of physical CPUs, enhancing performance by optimizing hypervisor scheduling.

This optimization kicks in when pool usage is below 40%, ensuring efficient resource allocation without unnecessary overhead. While this setting isn't customizable yet, we're open to feedback for future adjustments. This strategy ensures VMs are primed for peak performance when needed, utilizing available physical cores to their fullest.

🖱️ USB passthrough

USB passthrough functionality is now integrated into Xen Orchestra's web UI, allowing for straightforward management of USB devices. From the host's 'Advanced' tab, users can view and enable available USB devices, making them assignable to VMs:

Additionally, within the VM's "Advanced" view, it's possible to create and attach vUSB devices to the VM:

💡
Note that while new USB devices can only be connected when the VM is off, they can be unplugged while the VM is running.

☸️ Project Pyrgos (k8s)

Over the past few months, there hasn't been much news about our project Pyrgos, which simplifies the process of creating a Kubernetes cluster from the Xen Orchestra UI with just a few clicks.

The reason behind this silence is that we've been dedicated to enhancing its capabilities. We've transitioned from utilizing apt for the installation of Kubernetes binaries to a more reliable method that guarantees the capacity to install every version we list.

Significant updates have been made, including upgrading containerd to version 1.7.13, CNI plugins to version 1.4.0, Crictl to version 1.29.0, and Runc to version 1.1.12, which notably addresses a severe vulnerability, CVE-2024-21626.

Additionally, we've laid the groundwork that will enable us to manage clusters directly from XOA, marking a significant advancement in our project's development!

🆕 Misc

Another busy month, even for the "Misc" section!

Using ISO 8601 format for numeric dates

Initially, Xen Orchestra displayed dates in the user interface language, accommodating 11 different languages. Yet almost all our users set the application language to "English", and they found the US date format confusing and impractical, especially for sorting (sorry to my US friends here).

To address this, we've adopted the ISO 8601 standard, which is both universal and user-friendly, facilitating easier handling and consistency across various regions. This change aims to enhance usability and efficiency in managing dates within Xen Orchestra.

Before:

And after:

If you want to learn more about it, you have this excellent Wikipedia article:

ISO 8601 - Wikipedia

Automatically create a vTPM when needed

When you select a template that requires a vTPM (like Windows 11), XO will automatically create the vTPM device for the VM. XO fetches this information from the template itself.

OTP now requires validation

This prevents users from forgetting to add the OTP account in their application and thus being locked out of their own XO:

OTP supported on the JSON-RPC API

When we introduced OTP support in XO, we enforced the check during login on the web UI. However, it wasn't checked when using our JSON-RPC API. It is now required there as well, for example with our XO CLI tool:

xo-cli --register --otp 157218 xo.example.org jane.smith
Password: *********
Successfully logged with jane.smith
💡
The REST API isn't affected because you first need to generate a token for it.
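
The two OTP changes above (enrollment must be validated before it takes effect, and the API path enforces the code just like the web UI), sketched as an added example that is not Xen Orchestra's own code. It assumes time-based OTP per RFC 6238 (HMAC-SHA1, 30-second step, 6 digits); the `user` object and all function names are hypothetical.

```javascript
// Added example: RFC 6238 TOTP with an enrollment step that must be confirmed.
// Not Xen Orchestra code; every name below is hypothetical.
const crypto = require('node:crypto')

const STEP = 30 // seconds per time step (assumed)
const DIGITS = 6 // code length (assumed, matches the 6-digit code shown above)

// RFC 4226 HOTP: HMAC-SHA1 over the 8-byte counter, then dynamic truncation.
function hotp(secret, counter) {
  const msg = Buffer.alloc(8)
  msg.writeBigUInt64BE(BigInt(counter))
  const mac = crypto.createHmac('sha1', secret).update(msg).digest()
  const offset = mac[mac.length - 1] & 0x0f
  const bin = mac.readUInt32BE(offset) & 0x7fffffff
  return String(bin % 10 ** DIGITS).padStart(DIGITS, '0')
}

// Accept the current step and one step either side to tolerate clock drift.
function verifyTotp(secret, code, nowSec) {
  const counter = Math.floor(nowSec / STEP)
  const given = Buffer.from(String(code).padStart(DIGITS, '0'))
  let ok = false
  for (let drift = -1; drift <= 1; drift++) {
    if (counter + drift < 0) continue
    const expected = Buffer.from(hotp(secret, counter + drift))
    if (given.length === expected.length && crypto.timingSafeEqual(given, expected)) ok = true
  }
  return ok
}

// Enrollment: the secret stays pending until the user proves their app has it.
function confirmEnrollment(user, code, nowSec) {
  if (!user.pendingSecret || !verifyTotp(user.pendingSecret, code, nowSec)) return false
  user.otpSecret = user.pendingSecret
  delete user.pendingSecret
  return true
}

// One login check shared by every entry point (web UI and API alike).
function login(user, password, code, nowSec) {
  if (password !== user.password) return false // constructed; real systems verify a hash
  if (user.otpSecret === undefined) return true // OTP not enabled for this account
  return code !== undefined && verifyTotp(user.otpSecret, code, nowSec)
}
```

Because `login` is the single place where the second factor is checked, an API client that omits the code is rejected exactly as a browser session would be.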

Show current tags in advanced tag creation

Previously, adding a color to an existing VM tag in Xen Orchestra required searching for the tag, a cumbersome process especially with multiple tags. Now, there's a streamlined way to view all your tags and easily modify their colors, enhancing usability and efficiency in tag management.

Boot firmware check

If you are using a VM template that does NOT support BIOS (or UEFI), you will be warned if you decide to change to an incompatible boot firmware:

To do that, we read the recommendation built into the template itself.

Default SR is easier to set up

Previously, you could already set up a default SR by hovering over your SR list and clicking on a dedicated icon. However, the discoverability of this feature was sub-optimal, so we decided to add a dedicated selector in the SR/Advanced tab:

Replug all VIFs and PIFs after MTU change

During our last release, we added the capability to change the MTU. However, you needed to either reboot your host or replug all the physical interface objects (PIFs) for the change to take effect. XO will do that replug automatically for you now!

Display console zoom

While it was already possible to zoom on your VM/host console, it wasn't really practical with only a slider. We added a field to enter a percentage value (100% by default), so you can zoom in and out easily to the level of your choice!

Display more information for auth tokens data

We improved the view that displays all the auth tokens in use, adding key information: the date the token was last used, but also the IP address using it. This way, you can easily monitor what's going on.

It's a global improvement in security, because you can easily spot anything unusual.

Remove a protected template

All the "default" templates (bundled with XCP-ng) are protected against deletion, and it's the same for templates coming from VMs with the "protect from deletion" attribute. Now, if for whatever reason you want to delete them, you can from XO directly.

Correctly report large BR size

It could have been only a bug fix, which is usually not presented here but in our changelog. However, this change is meaningful for people with large backup repositories, where we can now correctly report the size used and the total size!