# XOA Support
This is the section dedicated to all XOA details and how to get support on it.
As a XOA user, you can open tickets in your support panel: https://support.vates.fr/.
# Technical Support
XOA is the only way to get our pro support, which is available remotely via SSH and a special tunnel.
# XOA Check
XOA check is a way to test if you XOA is correctly configured. It should be the first thing to do if you have any problem!
To run this check, in the web UI, you can access the support section in the XOA menu. In this section you can launch an
xoa check command:
# Support tunnel
Open a secure support tunnel so our team can remotely investigate on your XOA. For that, we need to get the "support ID". See below:
If your web UI is not working, you can also open the secure support tunnel from the CLI. To open a private tunnel (we are the only one with the private key), you can use the command
xoa support tunnel like below:
$ xoa support tunnel The support tunnel has been created. Do not stop this command before the intervention is over! Give this id to the support: 40713
Give us this number, and we'll be able to access your XOA in a secure manner. Then, close the tunnel with
Ctrl+C after your issue has been solved by support.
xoa-support is used by the tunnel. If you want to deactivate this bundled user, you can run
chage -E 0 xoa-support. To re-activate this account, you must run
chage -E 1 xoa-support.
# XOA VM Specifications
By default, the VM is configured with:
- 2 vCPUs
- 2GiB of RAM
- 20GiB of free SR space (2GiB on thin pro SR)
For use on huge infrastructure (more than 500+ VMs), feel free to increase the RAM.
# Alternative install
Please only use this if you have issues with the default way to deploy XOA.
# Via a bash script
Alternatively, you can deploy it by connecting to your XenServer host and executing the following:
curl -sS https://xoa.io/deploy | bash
This won't write or modify anything on your XenServer host: it will just import the XOA VM into your default storage repository.
If you are using an old XenServer version, you may get a
curl: (35) error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert protocol version
It means that the secure HTTPS protocol is not supported, you can bypass this using the unsecure command instead:
curl -sS http://xoa.io/deploy | bash
Follow the instructions:
- Your IP configuration will be requested: it's set to DHCP by default, otherwise you can enter a fixed IP address (eg
- If DHCP is selected, the script will continue automatically. Otherwise a netmask, gateway, and DNS server should be provided.
- XOA will be deployed on your default storage repository. You can move it elsewhere anytime after.
# Via a manual XVA download
You can also download XOA from xen-orchestra.com in an XVA file. Once you've got the XVA file, you can import it with
xe vm-import filename=xoa_unified.xva or via XenCenter.
After the VM is imported, you just need to start it with
xe vm-start vm="XOA" or with XenCenter.
# First console connection
If you connect via SSH or console, the default credentials are:
- user: xoa
- password: xoa
During your first connection, the system will ask you to:
- enter the current password again (
- enter your new password
- retype your new password
When it's done, you'll be disconnected, so reconnect again with your new password.
Here is an example when you connect via SSH for the first time:
$ ssh email@example.com Warning: Permanently added '192.168.100.146' (ECDSA) to the list of known hosts. firstname.lastname@example.org's password: You are required to change your password immediately (root enforced) __ __ ____ _ _ \ \ / / / __ \ | | | | \ V / ___ _ __ | | | |_ __ ___| |__ ___ ___| |_ _ __ __ _ > < / _ \ '_ \ | | | | '__/ __| '_ \ / _ \/ __| __| '__/ _` | / . \ __/ | | | | |__| | | | (__| | | | __/\__ \ |_| | | (_| | /_/ \_\___|_| |_| \____/|_| \___|_| |_|\___||___/\__|_| \__,_| Welcome to XOA Unified Edition, with Pro Support. * Restart XO: sudo systemctl restart xo-server.service * Display logs: sudo systemctl status xo-server.service * Register your XOA: sudo xoa-updater --register * Update your XOA: sudo xoa-updater --upgrade OFFICIAL XOA DOCUMENTATION HERE: https://xen-orchestra.com/docs/xoa.html Support available at https://xen-orchestra.com/#!/member/support Build number: 16.10.24 Based on Debian GNU/Linux 8 (Stable) 64bits in PVHVM mode WARNING: Your password has expired. You must change your password now and login again! Changing password for xoa. (current) UNIX password: Enter new UNIX password: Retype new UNIX password: passwd: password updated successfully Connection to 192.168.100.146 closed. $
# Using sudo
To avoid typing
sudo for any admin command, you can have a root shell with
[05:24 27] xoa@xoa:~$ sudo -s We trust you have received the usual lecture from the local System Administrator. It usually boils down to these three things: #1) Respect the privacy of others. #2) Think before you type. #3) With great power comes great responsibility. [sudo] password for xoa: [05:24 27] xoa:xoa$
# Network configuration
XOA uses DHCP by default, so if you need to configure the IP address, please run the command
xoa network static. It will ask you network details:
$ xoa network static ? Static IP for this machine 192.168.100.120 ? Network mask (eg 255.255.255.0) 255.255.255.0 ? Gateway 192.168.100.254 ? IP of the DNS server 192.168.100.254
Xen Orchestra is now accessible in your browser at
You can access the VM console through XenCenter or using VNC through a SSH tunnel.
If you want to go back in DHCP, just run
xoa network dhcp
By default XOA is firewalled, with only ports 22, 80 and 443 opened. You can see the current status of the firewall using the
sudo ufw status verbose command:
Status: active Logging: on (low) Default: deny (incoming), allow (outgoing) New profiles: skip To Action From -- ------ ---- 22 ALLOW IN Anywhere 80 ALLOW IN Anywhere 443 ALLOW IN Anywhere 22/tcp LIMIT IN Anywhere 22 ALLOW IN Anywhere (v6) 80 ALLOW IN Anywhere (v6) 443 ALLOW IN Anywhere (v6) 22/tcp LIMIT IN Anywhere (v6)
If you want to open or close ports, please check the documentation of UFW.
# Default XO account
Default user is email@example.com with admin as a password.
If you are using the default credentials, please create a new admin account and remove this one.
In any case, if you lose your password, you can reset the database and get the default credentials back.
You can verify that your time is correctly set with the
date command. To set XOA to your current timezone, use
sudo dpkg-reconfigure tzdata.
# Restart the service
You can restart Xen Orchestra by accessing XOA via SSH (or console) and running
systemctl restart xo-server.service.
To check the status of
systemctl status xo-server.service, it should display something like this:
xo-server.service - XO Server Loaded: loaded (/etc/systemd/system/xo-server.service; enabled) Active: active (running) since Thu 2014-08-14 10:59:46 BST; 21min ago Main PID: 394 (node) CGroup: /system.slice/xo-server.service └─394 node /usr/local/bin/xo-server Aug 14 10:59:46 xoa systemd: Starting XO Server... Aug 14 10:59:46 xoa systemd: Started XO Server. Aug 14 10:59:48 xoa xo-server: WebServer listening on http://0.0.0.0:80
# Migrate from an older XOA
If you still use the first XOA (which was not the "unified" version), you can easily migrate all your settings (ACLs, users, servers, etc) to the new version painlessly.
To do so, go into "Settings/Config" of your old XOA. Export the configuration: you'll download a
Now go to your new unified XOA, "Settings/Config" and import the
config.json file you downloaded previously, by doing a drag and drop: