XCP-ng 8.3 Beta 2

Today marks the exciting launch of the XCP-ng 8.3 Beta 2 installation ISOs 🎉! This release is the culmination of seven months of dedication and hard work on XCP-ng 8.3. Remember, this is still a pre-release version, so it's not intended for use in critical production environments.

To kick things off, let's dive into a quick FAQ to address some of the most pressing questions you might have.

ℹ️ FAQ

I already installed XCP-ng 8.3 Beta 1 (or any pre-release). Should I upgrade ?

No : just update the usual way (through Xen Orchestra or yum update). The installer will refuse to upgrade your system.

Who is this release for?
  1. Users who want to take part in the development of XCP-ng 8.3 through their tests and feedback.
  2. Users who want to test the new features in XCP-ng 8.3 (and, ideally, also provide feedback).
Where to provide feedback?

On the dedicated forum thread.

📖 Context

This release hit a bit of a bump due to some unexpected issues with UEFI firmware emulation, but thanks to our fantastic user community who jumped in to help troubleshoot, we managed to get things back on track. A big thank you to everyone involved! During this time, we kept fine-tuning XCP-ng 8.3. So, if you're just installing a fresh Beta 2, it might feel a touch behind the times. But don't worry: it just means you'll score some extra improvements when you update your system right after installing with the Beta 2 media.

In this post, we'll walk you through the updates and enhancements from Beta 1 to Beta 2 of XCP-ng 8.3, and what the latest updates bring to the table.

We're also taking this chance to invite you to an exciting test: upgrading from the old Xen 4.13 to the fresher, more advanced Xen 4.17!

💿 Download

SHA256 sums:

e0c795f32519c0ae37786f36e7e4c5f31a027f8448c51b61d0903b2d097fb291  xcp-ng-8.3.0-beta2.iso
80bd6d8c398db9da8058fee9c5f541200c4f6ed9eaa5b494cf734a22b21aa598  xcp-ng-8.3.0-beta2-netinstall.iso

What changes in XCP-ng 8.3 Beta 2

Since XCP-ng pulls in cool stuff from Xen/XAPI and other projects, and is also sort of a cousin to XenServer, we get to bring in, test and validate changes from all over the place, while building a coherent and stable solution. Let's dive!

Changes coming from XenServer

This update encompasses all developments made by XenServer from the launch of XCP-ng 8.3 Beta 1 up to October 2023.

Perhaps the most significant enhancement is the completion of vTPM support, which now ensures compatibility with Windows 11. Previously, while functional, vTPM lacked support for several features. With this update, snapshots, VM export/import, and live migration are now fully supported for UEFI VMs equipped with a vTPM. Additionally, a Windows 11 template has been introduced, automatically provisioning the necessary vTPM when a new VM is created, simplifying the setup process for users.

⚠️
Bitlocker is not officially supported: it works, but it implies Measured Boot, which is too sensitive to firmware changes. On an hypervisor, the emulated firmware can be updated at any time to fix bugs or security issues, causing the Windows VM to ask for the bitlocker recovery password when the VM starts. Use at your own risk!


XenServer developers worked on many other improvements in XAPI and related components, Xen, the Linux kernel, etc.

Changes coming from XCP-ng

On XCP-ng's side, in no particular order:

  • We rebased all packages on XenServer 8 preview + all updates up to early October.
  • Installer
    • rebased on latest upstream release.
    • better granularity in error messages displayed to users when install fails due to wrong system date, signature issues, etc.
    • re-allow interactive installation of driver disks on host during installation
    • avoid failed services in the installer (there were benign "failed" messages for services the installer doesn't actually use)
  • IPv6 support continued
    • IPv6 testing / automated tests.
    • fixed live migration failure due to upstream bug in ocaml-uri. Fix contributed upstream to ocaml-uri.
    • allow to use a CIDR for VIFs IPv4 and IPv6 allowed IPs. Feature contributed upstream to XAPI project.
    • xsconsole : allow to configure IPv6 via autoconf for the management interface. Feature contributed upstream to XAPI project.
  • Making XOSTOR available in XCP-ng 8.3. Another update is pending, so better wait for it.
  • Installer image generation: fixes and improvements.
  • VLAN display in xsconsole. Feature contributed upstream to XAPI project.
  • smartmontools updated to version 7, which adds JSON export.
  • Plugin added to use the data from smartmontools 7 in JSON format (initially contributed by Cécile, then improved by one of our developers)
  • Debian 12 template added.
  • Security fixes.
  • Added new tests to our test suite. For example this new test which exercises the vTPM features. Windows 11 is now also tested in our CI/CD.
  • Deleted the old, unsupported since XCP-ng 8.1, experimental EXT4 driver, superseded by the regular EXT driver. We're talking about an old experimental driver that you never used unless you installed the experimental packages in the XCP-ng 7.x era.
  • As in 8.2.1, lsscsi added to our repositories.
  • As in 8.2.1, more alternate drivers packaged.
  • As in 8.2.1, drivers updated and added to default installation: mpi3mr, igc, r8125 (including related firmware)
  • XO Lite installed by default. Don't miss our various announcement on XO Lite inside our monthly Xen Orchestra release blog post. The current bundled version isn't the latest one, but we are pushing an update very soon!
  • UEFI and SecureBoot support:
    • the version of XAPI included in XCP-ng 8.3 after Beta1 provides a new way to handle UEFI certificates at the pool level, implemented by XenServer developers, while we are trying to take both their and our needs into account.
    • we then adapted the automated tests for XCP-ng 8.3, based on new XAPI behaviour.
    • running the adapted tests revealed issues (one bug, but also more importantly that we did not fully understand each other regarding XCP-ng's needs). So we proposed a new design to the XAPI project, then implemented it. This hopefully concludes more than a year of intermittent work on this very topic.
    • from a user standpoint, despite all the work behind the scene, there aren't many changes. Mostly retaining the ability we had in XCP-ng 8.2.1 for users to download and install the default certificates from Microsoft (must run secureboot-certs install at least once on the pool after this update), or install their own.
    • fixed an issue on specific hardware used by one of the community testers, which would cause all UEFI VMs to fail. Another great example on how our great community can help the project!
  • Various diagnoses and fixes.

👷 What changed since Beta 2

While Beta 2 of XCP-ng 8.3 was undergoing stabilization, we continued our development efforts. By updating an existing XCP-ng 8.3 host (regardless of the installer version used) you'll benefit from additional enhancements.

These include updates ported from XenServer 8, with the latest rebase occurring on 2024-01-16. This integration brings four months of XenServer 8 advancements directly into XCP-ng 8.3, enhancing its features and stability:

  • Updated microcode for AMD and Intel
  • kernel: bug fixes
  • xapi: updated to version 23.31.0. Changelogs available at https://github.com/xapi-project/xen-api/releases
  • blktap: bug fixes
  • openvswitch: updated to version 2.17.7
  • qemu: bugfixes for PCI passthrough using multifunction devices
  • sm: updated to 3.0.12 + various fixes
  • various python2 scripts and libs ported to python3


Other XCP-ng changes:

  • edk2: rebuilt to embed a build of ipxe-efi which fixes PXE boot in UEFI
  • sm: Linstor-related fixes, IPv6-related fixes
  • updategrub.py script, used for adding or removing a boot entry for the alternate kernel, ported to python3.

Known issue

Due to alterations in formatting and a misplaced variable within XAPI, Xen Orchestra is experiencing issues with host & VM statistics. Efforts are underway to resolve this, and the now identified problem will be corrected in the next days with the next round of XCP-ng 8.3 & Xen Orchestra updates. This problem does not affect XCP-ng 8.3 Beta 2 but arises with updates post-installation. To bypass this issue, consider delaying updates until the problem has been fully resolved.

🐼 Xen 4.17

Thanks to the diligent efforts of the XenServer developers and our team, we're excited to offer an update from Xen 4.13 to Xen 4.17 for your XCP-ng 8.3 test servers! This is a unique opportunity to deliver early feedback directly to the developers at XenServer and the Xen Project.

We invite you to participate by installing the experimental Xen 4.17 packages on a variety of hardware setups. After installation, simply reboot your system, verify the functionality of your usual applications, and share your findings with us. Detailed instructions and a space for discussion can be found on this forum thread.