XCP-ng 8.2.1 update for 8.2 LTS

We are happy to announce the release of XCP-ng 8.2.1.

What is XCP-ng 8.2.1?

It's a maintenance update for XCP-ng 8.2 LTS, which has its own version number because it also comes with updated installation images.

XCP-ng 8.2.1 is still XCP-ng 8.2 LTS. It's the same, that just reached a new numbered milestone.

📔
To update, follow this guide. You can also join the discussion on our community forum. Hosts reboot necessary after this update.

What should users of XCP-ng 8.2 LTS do?

Just update as you would do for any other update to XCP-ng 8.2 LTS.

⚠️
If you want to update through Xen Orchestra's Rolling Pool Update feature, make sure your version is at least 5.69.2, otherwise VMs may fail to migrate.

It is not a security update, so you can also schedule the update at the same time as the next security update when one is released. The update process would then install both updates.

💿 Updated installation images

The 8.2.1 installation images include every update since the release of XCP-ng 8.2, including this 8.2.1 update.

✨ Enhancements

It's a maintenance update, so bringing new features is not the main goal here. It does contain a few enhancements however.

  • Rocket Lake processors are now supported.
  • Secure boot for VMs is now supported. You will find the full documentation here.
⚠️
Read the docs before using it: there are important things to understand about the pool's configuration and what kind of VMs you can enable Secure Boot for (or can't).
  • The installation of Microsoft's KB4535680 update, that used to fail, now works.
  • A few components like qemu are updated to pave the way for future vTPM support. I said future. It's not available yet.

📋 Other notable changes

  • Installer fixes
  • Guest template for Windows Server 2022 added.
  • Log rotation. Log files should now be automatically rotated if they reach a size of 100M, without waiting for the daily log rotation. This will better handle the situations where a single log file grows up very fast to the point of filling the log partition.
  • Updated device drivers: avago-mpt3sas, intel-ice, intel-ixgbe, qlogic-fastlinq, qlogic-netxtreme2.
  • The default console menu, xsconsole, was updated and includes an improvement that we had contributed to Citrix: when the XAPI service is unreachable on the host, xsconsole will display a useful error message instead of the misleading "no network configured".
  • A bug that we discovered and reported upstream regarding the handling of web pages over HTTPS on the host when HTTP support was disabled has been fixed, so we could finally enforce HTTPS for the host's web page. Any request to get the web page on port 80 will reply with a 403 error.
  • Our alternate kernel was rebased on kernel.org's 4.19.227 release.
  • samba and openssl were updated, which fixes various CVEs. The update to the samba packages pulled several new dependencies such as gnutls, nettle, python-tdb, ...
  • Ciphers now considered weak were disabled in SSH configuration files.
  • xenserver-transfer-vm was removed.