Release

Xen Orchestra 5.97

This month, we bring major updates to Xen Orchestra, including improved CBT stability, V2V enhancements, new views in XO6 and exciting new features!

Olivier Lambert

Jul 31, 2024 • 13 min read

It's been only 3 weeks since our latest release (we've been one week late last month), but we managed to make a massive release anyway ✨

I'm particularly happy about the progress made in XO 6 preview, with many components that are now used to display more information. I hope we'll be able to keep up this pace! For the rest, it's also significant, with dozens of improvements and new features, including under the hood, for example by making more robust the new CBT backup logic, or adding multiple layers of cache in XO.

👨‍🚀 Project & Community

This month brings a lot of exciting news: the release candidate for XCP-ng 8.3, the announcement of our organization of the next Xen Project event in Grenoble, and important security updates!

XCP-ng 8.3 RC 1

After five busy months since the release of XCP-ng 8.3 Beta 2, we are closer than ever to the final release with the XCP-ng 8.3 Release Candidate 1! This release candidate meets our quality standards and is now available for our user base to gather the final bits of feedback.

XO Lite, UEFI Secure Boot, PCI passthrough API, and many other features are included in this release. Take a look, and don't forget to provide us with your feedback!

Hosting the future of Xen

At Vates, our commitment to the Xen Project goes beyond technical contributions. We're excited to announce the next Xen Meetup in Grenoble, where we'll connect minds, share knowledge, and drive innovation. Join us as we bring together community members, researchers, and students to shape the future of Xen.

Read more about our journey and upcoming event in our latest blog post:

XCP-ng July 2024 Security Updates

In our monthly round of security updates, we've included fixes for XSA-458 and XSA-459. Remember to stay protected by regularly checking and updating your machines!

Let's dig into this new release now 🤿

💾 Backup

This month brings significant updates on the backup front! We've made major improvements and enhancements to ensure more robust and reliable backup processes.

CBT stability improvements

This month, we've focused on improving the stability of our CBT (Change Block Tracking) feature. We've ensured that the "purge snapshot data" function is called at the end of each transfer, preventing any lingering data issues.

Additionally, we've enhanced the NBD (Network Block Device) functionality. NBD now respects the default backup network settings, if configured, and attempts to connect through all possible hosts before failing. This is particularly crucial when no default backup network is set, as hosts with multiple networks might have some networks that aren't accessible by XOA/proxy.

Furthermore, we've retained the error message for disks still attached to dom0, as this is often the root cause of other issues. While this may increase the number of failed backups, it is a necessary step to prevent more significant infrastructure problems down the line.

⚠️

Note that with just two recent versions of Xen Orchestra (XO) available for feedback, the codebase is still relatively new. Therefore, we recommend switching to CBT only if you're not in a critical production environment or are experiencing coalesce issues with traditional backups.

Feedback can be done in here: https://xcp-ng.org/forum/topic/9268/cbt-the-thread-to-centralize-your-feedback/

More info in backup reports

Our newly revamped backup reports now include more detailed information about the backup job. You can now see if NBD is being used, if CBT is active, and if "Purge snapshot data" is enabled, providing a clearer overview of your backup operations:

Avoid sending reports for skipped backups

Backups can be skipped for two main reasons: VDI chain protection or an ongoing job. Sometimes, you're aware that a backup might be skipped and you don't need to be notified. To address this, we've added an option to avoid sending reports for failed jobs only, not the one skipped, reducing unnecessary notifications.

Metadata backup report recipients

For a while, you've been able to receive reports for your regular backups and add extra recipients. However, this functionality wasn't available for metadata backups: until now. We've fixed this issue, so you can now enjoy comprehensive reports for all your backup methods, sent to all your desired recipients.

🦾 Hardware integration

Say hello to this new section! As we continue to collaborate with more hardware partners, we are providing increasingly exclusive integration between the hardware and our virtualization stack. This effort enhances the overall performance, monitoring, and management capabilities of our solutions, delivering a more seamless and efficient user experience.

2CRSi hardware info

This new preview is the result of our previously announced partnership with 2CRSi. If you are interested in acquiring these machines, take a look at this blog post and register:

This is what you could view in the XO/Host view:

As shown in the screenshot, when XO detects that your machine is a 2CRSi Mona 1.14GG, it will display various hardware details: the IPMI address, total power usage, PSU status, highest CPU temperature, fan status, and more.

We are collaborating with 2CRSi not only to display this information but also to monitor the values provided by them, as they are the manufacturer of the machine. These technical discussions are very interesting and allow us to provide even more vertical integration between hardware and software.

🛰️ XO 6

Since the last release, you can already access the XO 6 preview by adding /v6 at the end of your XOA URL. We have accelerated the pace of visible changes, and we hope you will love the new enhancements!

New components

This month, we have introduced many new components, most of which are already integrated. Rather than going into deep details, we’ll showcase a few highlights:

ObjectLink, which… provides a link to an object.

Pool view

The pool view now features two tabs: Hosts and VMs. Each tab contains a table of all associated objects, utilizing the new components we've created.

Host view

The host view now includes a tab listing all the VMs linked to the host, providing a more organized and detailed overview.

Quick tasks view

XO 6 now displays XO tasks by fetching data directly from the new REST API! We support the full complexity of the new XO tasks, including subtasks, progress, duration, and date.

🔭 XO Lite

This month, we had to split XO Lite and XO 6 category, because we had too much content at once!

Preload online if available

Traditionally, XO Lite relied on direct internet access to load its JavaScript files from an index.html hosted locally on your server. This approach had its advantages: it ensured you'd always have access to our latest "SaaS" version. However, this method had a significant drawback - it wouldn't work if you were in an airgapped environment or had blocked our website in your firewall.

To address this limitation, we introduced a "local only" solution, where the JavaScript files were bundled and loaded from your server. This approach worked offline, but it also meant we'd need to distribute updates as part of XCP-ng packages - a balance that required finding the sweet spot between frequent updates and minimizing the burden on users.

This month, we've implemented an even better way to strike this balance. XO Lite now includes a feature that allows you to fetch the latest JavaScript files from lite.xen-orchestra.com if they're accessible online. This means you can benefit from more recent updates before they're included in an XCP-ng release. If online access isn't available, don't worry - the application will automatically fall back to the bundled version, ensuring uninterrupted functionality.

XO access button URL

xo-server has a config setting http.publicUrl that allows the user to force XO to report a custom URL in the pool's other_config (along with the networkInterfaces fallback). With this change, the "Access XOA" button in XO Lite will open that URL if it exists and fallback to networkInterfaces otherwise.

Improved tree view

We have enhanced the indentation of empty items in the tree view to optimize readability. This small but significant change makes navigating and managing your resources much clearer and more intuitive.

See the before and after:

Indentation was broken and makes the tree confusing for empty items

Everything now stays aligned, which is a lot better!

And guess what's great? This improvement is valid for both XO 6 and XO Lite at once! This is another proof that working on the same design for both versions was a great idea. By maintaining a consistent UX design across XO Lite and XO 6, we ensure a seamless user experience. Users can transition between the two versions without any confusion, as the interface and functionalities remain familiar. This consistency not only improves usability but also streamlines our development process, allowing us to implement enhancements and fixes more efficiently across both platforms.

Ultimately, a unified design philosophy enhances our ability to innovate and respond to user feedback, delivering a superior product.

🪐 XOA

We are now focusing on two primary methods to deploy XOA: from XO Lite and through the web deployment on Vates.tech. To streamline our maintenance efforts, we are updating the URL of the old deployment method and deprecate it at the same time.

🚀 XCP-ng 8.3 features

As the release of XCP-ng 8.3 approaches, we are finalizing all the new features to be ready on Day 0 in Xen Orchestra!

Accurate secure boot status

This feature was a bit tricky due to its complex logic. However, through excellent collaboration between the XCP-ng and XO teams, we have implemented the proper logic for the VM secure boot feature in the XO UI.
Now, we can handle all the different scenarios to ensure that when secure boot is enabled, the VM will indeed use it, preventing any confusion.

📡 REST API

Expose servers

We are now exposing servers at the /rest/v0/servers endpoint. You can list all the connected servers (ie masters of a pool) by a simple HTTP GET command. Passwords are obviously obfuscated.

curl \
  -X GET \
  -b authenticationToken=KQxQdm2vMiv7j \
  'https://xo.company.lan/rest/v0/servers?fields=*'

This will return all fields:

[
  {
    "allowUnauthorized": true,
    "enabled": true,
    "host": "192.168.1.1",
    "label": "Host1",
    "username": "root",
    "readOnly": false,
    "id": "1",
    "status": "disconnected",
    "href": "/rest/v0/servers/1"
  },
  {
    "allowUnauthorized": true,
    "host": "192.168.1.10",
    "label": "Host2",
    "username": "root",
    "enabled": true,
    "readOnly": false,
    "id": "2",
    "status": "connected",
    "poolId": "d1a68625-e4f6-4ff0-acfb-2076d2ae6a79"
    "href": "/rest/v0/servers/2"
  }
]

Expose VDIs in VMs

VDIs of a VM, or a VM snapshot, or a VM template, can now be fetched easily by appending /vdis at the VM's endpoint. The REST API is doing the "resolution" of the VDIs automatically, because they are not objects connected directly, but going via a VBD. This makes it easier for you to list VM's disks!

To fetch it:

curl \
  -X GET \
  -b authenticationToken=KQxQdm2vMiv7j \
  'https://xo.company.lan/rest/v0/vms/66e74b91-11e7-47fa-9dbf-2bb0f0686177/vdis?fields=*'

And the result:

[
{
  "type": "VDI",
  "cbt_enabled": false,
  "missing": false,
  "name_description": "Created by XO",
  "name_label": "xoa root",
  "size": 21474836480,
  "snapshots": [],
  "tags": [],
  "usage": 20695233024,
  "VDI_type": "user",
  "current_operations": {},
  "other_config": {},
  "$SR": "1f627a63-79ec-152b-9194-46648d8c6b7a",
  "$VBDs": [
    "f8229cd2-3d08-f27a-3f90-6379b579662f"
  ],
  "id": "6e54d687-a964-494f-bf85-8b8c4652129b",
  "uuid": "6e54d687-a964-494f-bf85-8b8c4652129b",
  "$pool": "e238a5af-eb88-75e1-0017-2c519aa297e7",
  "$poolId": "e238a5af-eb88-75e1-0017-2c519aa297e7",
  "_xapiRef": "OpaqueRef:5220a2be-f59a-43a6-89f0-73ab28e1f43b",
  "href": "/rest/v0/vdis/6e54d687-a964-494f-bf85-8b8c4652129b"
}
]

🐦 VMware to Vates (V2V)

We've made significant strides in improving warm migration and fixing multiple bugs. By managing more VMware errors and edge cases, our system is now more robust, resulting in a higher success rate for migrations.

Remember that the V2V documentation is now available in here:

🆕 Misc

This month, our updates aren't just about minor visible changes in the XO 5 UI; we've also made significant improvements to the underlying mechanisms, which greatly reduce the overall load, especially noticeable in medium to large infrastructures.

Buffered tasks events

Since our previous release displayed all XO tasks, we noticed a high frequency of tasks triggered every minute. To enhance efficiency, we introduced a buffer for these task events. These events are now deduplicated and handled sequentially on the next tick, avoiding potential race conditions.

In simpler terms, by reducing the number of API calls, we've lowered the overall load on Xen Orchestra.

Cache support for XAPI calls

Following the same principle as buffered task events, we've improved how Xen Orchestra sends calls to your XCP-ng hosts (or XenServer, if you're still using it).

This is crucial because, as the central component, xo-server can now group and cache hundreds of calls simultaneously, drastically reducing the number of XAPI calls. This optimization saves both bandwidth and XAPI load for all these requests. We are confident that at a decent scale (like dozens of XO clients at once), these improvements will significantly reduce your XO load and the number of XCP-ng API calls.

Force leaf coalescing

This feature is somewhat niche and shouldn't be necessary for most users. However, for those using thick provisioned storage, when space is fully allocated and freeing up some space doesn't seem to help, you might want to expedite the coalescing process rather than waiting for the garbage collector to trigger automatically. In such cases, you can now use the "Coalesce Leaf" button. Use this option wisely if you are not fully aware of its implications.

Behind the scenes, this process will suspend the VM, start the coalescing, and then resume the VM. There are specific scenarios where this could be beneficial. However, given the variety of configurations, we cannot test this feature in all environments. Therefore, we strongly advise using it only in desperate situations and ensuring you have backups.

You can read the XenServer doc about this for more details.

Reattach SR with extra warning

To enhance clarity and prevent accidental data loss, we've added an extra warning window when re-attaching a Storage Repository (SR). This additional step ensures that users do not inadvertently recreate a fresh SR on top of an existing one, safeguarding your data and configurations.

Self service bypass quota as an admin

Before this release, even an admin could not create, modify, or add a VM in the self-service portal if it exceeded the configured quota. However, there are exceptional cases where this limitation might need to be bypassed. Now, the super admin has the flexibility to bypass quotas and perform necessary actions without restrictions. This enhancement ensures that admins have the control they need in critical situations.

More translations

We're thrilled to continue bringing Xen Orchestra to a global audience! A huge thank you to our amazing community for providing translations, which we're delighted to incorporate and make XO even more accessible worldwide.

Xen Orchestra 5

We added Persian (Farsi) language in Xen Orchestra 5, available in your user zone (the "user" icon under the "Sign out" entry):

We've expanded our language support to reach a new total of 14 languages with XO 5! We also added Swedish this month, to our existing choice of English, French, Russian, Spanish, Hungarian, Italian, Polish, Portuguese, Swedish, Turkish, Hebrew, Chinese, Japanese - making Xen Orchestra more accessible than ever.

XO Lite

XO Lite is now also available in Persian, added after English, French and German.