XCP-ng 8.3

Release Oct 7, 2024

We are excited to introduce XCP-ng 8.3, the final release in the 8.x platform series. This marks a significant milestone for our community and sets the stage for exciting developments in the future.

Download 8.3 ISO

To download the netinstall version, along with all signatures and SHASUMs, visit xcp-ng.org and select "Download 8.3 Latest."

đź’ˇ
A more technically detailed version can be found in our official release notes, we strongly suggest to read them. This blog post provides an overview on what's new, without entering into all the details.

Building momentum

The development of XCP-ng 8.3 has been an incredible journey, and the numbers behind the effort truly speak for themselves:

  • 450 cards meticulously tracked in our Kanban board
  • 1200 builds processed through Koji, our build platform
  • 1000+ messages exchanged in forum threads dedicated to 8.3 testing (and that’s not counting the spin-off discussions)
  • Thousands of test runs conducted to ensure the quality and performance of the release
  • 11,000+ downloads of pre-release ISO images by our community
  • One full week just to write the release notes: seriously, please take the time to read them!

🔥 Teamwork

First and foremost, I want to extend a heartfelt thank you to everyone who contributed to this release. As you can see, the amount of work that has gone into XCP-ng 8.3 has been immense, and while our work is never truly finished until a version reaches end-of-life, this is a moment to celebrate. With this release, we have laid a strong foundation for both short and mid-term features that will keep XCP-ng moving forward, even as we prepare for bigger developments on the horizon.

đźš« Stability: 8.2 LTS remains the gold standard

It's crucial to remember that XCP-ng 8.2 LTS continues to be the benchmark for stability. With a proven history of reliability, complemented by monthly security updates and bug fixes, 8.2 remains unmatched for those who prioritize stability above all. However, while 8.3 will evolve faster and receive more features, we maintain the same high-quality standards that our testers, from the first XCP-ng Alpha to today, can attest to. We've also significantly enhanced our test process automation over the past two years, ensuring that even with its cutting-edge advancements (without being bleeding edge), 8.3 remains a reliable and robust choice.

🚀 The Vates Stack: a major shift

I’d like to take this opportunity to reflect on the massive changes since the initial release of XCP-ng 8.2 LTS. XCP-ng 8.3 marks our first "dot release" under our new business model, and it has been a game changer for our growth—thanks in part to Broadcom, but not only. By consolidating all our products into a single, straightforward offer (with no "per socket" or "per core" pricing), we’ve made it much easier to support users migrating from VMware, driving impressive growth for our business.

Subscribe to XCP-ng and Xen Orchestra

Since adopting this model, we’ve truly entered a new dimension. In just two years, Vates has expanded from 20 to over 60 employees, and we’re on track to reach 100+ next year. We’ve also been featured in the Gartner guide for three consecutive years, and we’ve introduced a robust training and certification program, while building a tremendously successful partner program.

This leap wouldn’t have been possible without the trust of our customers. Thanks to you, we’re reshaping the server virtualization market, and the future promises even greater achievements.

đź”­ Moving forward: evolving beyond XenServer

This release also represents an important evolution for us. With XCP-ng 8.3, we are increasingly standing on our own while continuing to work closely with key upstream projects like Xen and XAPI. Although we’ve encountered challenges with Citrix (now Cloud Software Group) XenServer’s decision-makers, particularly when it comes to platform-related development, our direct collaboration with these upstream projects has allowed us to make significant progress. This shift enables us to innovate and shape the future of XCP-ng with a vision that aligns more closely with the needs of our community.

We’ve already begun laying the groundwork for XCP-ng 9.0, a platform that will be built differently from XenServer, reflecting our own vision and the lessons we’ve learned. This next major release will target markets that XenServer has never truly focused on, such as server virtualization replacements for organizations impacted by the Broadcom/VMware exodus. However, if there’s an opportunity to share maintenance on certain packages with XenServer, we will always prioritize working together first, as collaboration is often the most efficient way forward.

Our success in migrating even very large customers from VMware to our virtualization stack has reinforced our strong position as a contender in this space. This tremendous success may also prompt XenServer decision-makers to reconsider their stance. Collaboration, after all, would be far more efficient in driving progress than wasting resources competing, especially as XenServer loses ground as the leader of its own original platform.

This release is also the opportunity to look back in the mirror: since our initial fork from XenServer, the efforts made by our team have increased exponentially. The work we've accomplished since XCP-ng 7.4 has multiplied by a factor of 15. At this pace, we may soon surpass the original platform, if we haven’t already. We remain deeply grateful to the XenServer team for their contributions, despite the challenges we faced with upper management. Our success today is built on that foundation, and we look forward to building an even brighter future, one that aligns more closely with the needs of modern infrastructure.

Upgrade from previous releases

You can upgrade to XCP-ng 8.3 from XCP-ng 8.0 up to 8.2.1, or even any 8.3 pre-release to this version. However, there's multiple things to know about it, so please read carefully our release notes on this first. Don't miss our various warnings to avoid any unpleasant surprise.

⚠️
Only upgrades using the installation ISO image are supported. An in-place upgrade using yum is not possible nor supported. Please carefully read the release notes, especially the Deprecations and Removals, Attention Points, and Known Issues sections before performing the upgrade.
đź’ˇ
Users who installed a prerelease of XCP-ng 8.3 must upgrade to the final 8.3.0 version using the installation ISO image. The only exception is for users who installed XCP-ng 8.3 RC2 or have already upgraded to RC2 using the installation ISO image. These users can simply update their system without needing the ISO image.

What's new in XCP-ng 8.3

Let's break down the changes in multiple categories:

  • 🖥️ Visible changes: things that will be directly visible when installing/using XCP-ng locally.
  • ✨ New features: visible when used via Xen Orchestra or any other client.
  • 🛠️ Under the hood: less visible but however important changes.

🖥️ New theme

Since we updated our identity, this release is an opportunity to match it on the XCP-ng level. You now have  a new boot splash screen, terminal console and colors:

🖥️ XO Lite integration

XO Lite is now directly embedded in your XCP-ng! Going to your host HTTPS URL will directly show you this now:

And then the dashboard:

As of today, XO Lite offers a range of powerful features designed to streamline your virtualization management:

  • New design system: Experience our updated and modern design system, enhancing usability and visual consistency.
  • Tree view & VM consoles: Navigate your pools, hosts, and VMs with ease using the tree view, and directly access VM consoles for quick interactions.
  • Dashboard & monitoring: Get a comprehensive overview of your pool with global information, including resource usage, available patches, statistics, alarms, and more.
  • Advanced filtering & VM lifecycle management: Efficiently filter and sort VM objects, and control the entire lifecycle of your VMs (start, stop, migrate, snapshot, delete, etc.).
  • Detachable console: Open the VM console in a separate window, with support for keyboard shortcuts like Ctrl+Alt+Del.
  • Internationalization & task tracking: Available in multiple languages (English, French, German, Persian) with task tracking for operational monitoring.
  • Dark Mode/Light mode & XOA access: Choose between dark or light themes and easily deploy or access XOA with a dedicated button.
  • Platform enhancements: Includes various backend fixes, such as correct MIME type reporting for SVG and other files by the XAPI web server.

Before the end of the year, we'll be adding network management and VM creation, enabling you to perform most basic tasks without needing the full Xen Orchestra.

🖥️ Windows 11 and vTPM support

With Windows 11 requiring a Trusted Platform Module (TPM) for installation, significant effort has gone into supporting virtualized TPMs (vTPMs). The developers at XenServer have been hard at work, reusing and writing open-source components to enable vTPM support, which has now been integrated into the Xen API (XAPI). XCP-ng users directly benefit from this open-source collaboration, ensuring seamless support for vTPMs across the platform.

In XCP-ng, a vTPM can be provisioned for any UEFI-based VM, but given that Windows 11 is the most common use case, creating a VM from the Windows 11 template automatically triggers the provisioning of a vTPM module, making the process effortless for users.

🖥️ Dom0 IPv6 support

After four years of upstream contributions, rigorous testing, invaluable user feedback, and numerous bug fixes, we are excited to bring full IPv6 support to XCP-ng 8.3!

While IPv6 was already available for VMs, IPv4 had remained a requirement for the management interface and shared storage—until now. With XCP-ng 8.3, you can choose between three installation modes: IPv6 only, IPv4 only, or a dual IPv4+IPv6 mode (still in experimental phase). These settings apply exclusively to the control domain and do not affect VM networking, which is handled separately.

đź’ˇ
Please note that this setting cannot be changed post-installation, meaning there is currently no way to convert an existing XCP-ng installation to another mode. A fresh installation is required to switch modes.

There are still a few known issues related to IPv6, which can be tracked here: https://docs.xcp-ng.org/releases/release-8-3/#ipv6-related-issues

We also ensured that all mirrors hosting updates for XCP-ng now support both IPv4 and IPv6. A big thank you to the sysadmins who quickly added this support after being informed of the new requirement!

✨ Broader hardware support

Thanks to contributions from our user community, we’ve significantly improved support for newer consumer-level hardware, such as the popular Intel NUC and 2.5G network devices often found in this category. With the inclusion of the igc and r8125 drivers, XCP-ng now fully supports Intel i225 (and close variants) and the Realtek RTL8125 family of devices.

While some of this work might feel like old news, as it was backported to the XCP-ng 8.2.1 refreshed installation ISO, it was initially developed for XCP-ng 8.3. In addition, other hardware drivers have also been updated to ensure broader compatibility across various devices.

This may seem like old news since this work was retrofitted to XCP-ng 8.2.1's latest refreshed installation ISO, but it was initially done for XCP-ng 8.3. Other hardware drivers have also been updated.

4K Native Disks Support

Another enhancement backported to XCP-ng 8.2.1 is support for 4K native disks. To address the existing limitations in our storage stack with these devices, we introduced a new largeblock storage driver. This driver works by transparently emulating a 512B block size, allowing 4K native disks to function properly, though with a slight performance trade-off.

✨ PCI passthrough device management

In XCP-ng 8.3, we expanded the XAPI API by adding new endpoints to manage PCI passthrough devices remotely. Thanks to those changes, Xen Orchestra developers have integrated corresponding UI elements, enabling users to easily add or remove devices from the passthrough list. Once a host is rebooted, the devices are released by dom0 (the control domain) and become available for assignment to VMs, streamlining the process for administrators.

✨ Network selection for the Host Evacuate feature

Previously, the Host Evacuate feature (which moves all VMs off a host for maintenance) always selected the management interface for live migration. We enhanced XAPI to allow users to choose a different network for migration, offering the option of using faster, more suitable network links. Xen Orchestra’s user interface now reflects this option.

✨ VM snapshot with disk exclusion

A long-requested feature, VM snapshots with disk exclusion, is now available. Users can exclude specific disks (e.g., a raw or large irrelevant disk) from snapshots to save space.

This feature was enabled through API enhancements and is already functional in the current stable version of Xen Orchestra. This is implemented as the [NOBAK] feature, which conveniently excludes a virtual disk from backups. Additionally, we’ve introduced a new string, [NOSNAP], which allows you to ignore the disk during regular snapshots. You can combine both strings to exclude a disk from both VM snapshots and VM backups: [NOSNAP] [NOBAK].

✨ Enhanced coalesce detection

Thanks to improvements in the storage API reporting, Xen Orchestra can now display more details, such as whether an SR is performing a coalesce operation (Gear ⚙️ icon).

It's also visible in the XAPI tasks, and therefore in XO with a progress percentage.

✨ Migration stream compression

For environments with slow network connections between hosts, you can now enable compression on the migration stream during live VM migrations. This feature, already available in Xen Orchestra, uses additional resources on the involved hosts, but can significantly speed up the migration process if your network bandwidth is limited. However, since the effectiveness of this feature can vary, we recommend testing it in your environment before deciding to keep it enabled.

✨ Host evacuation improvements

When putting a host into "maintenance mode" in Xen Orchestra (or during a Rolling Pool Update), it triggers the host.evacuate XAPI method in XCP-ng, initiating live migration of VMs to other hosts. By default, up to 10 VMs migrate simultaneously, but under heavy load, this can increase VM "freeze" times, sometimes up to 30 seconds.

To mitigate this, we enhanced the XAPI method with an optional "batch size" parameter, allowing control over the number of concurrent migrations. Xen Orchestra now defaults to a batch size of 3, balancing migration speed with minimal VM pause times, without requiring configuration changes on hosts. This improvement showcases the benefits of Vates delivering the full stack, as enhancements in XCP-ng immediately benefit Xen Orchestra. We also added the capacity to select the migration network, which is directly visible in Xen Orchestra.

✨ Disk hardware status

In Xen Orchestra, you can now directly see the disk health, thanks to a new XAPI plugin using the updated smartmontools package, supporting JSON export required for this feature.

🛠️ Improvements in the installer

Many many improvements in here, so we'll just touch the surface. More details and items can be found in the dedicated section in the release notes:

  • memtest86+ has been updated to version 6 with EFI support.
  • Better error message granularity when installations fail due to incorrect system dates, signature issues
  • Earlier warnings if attempting to upgrade a system with a different BIOS type
  • IPv6 support was added
  • And much more…

Also, we redesigned the image-creation process to use a brand new set of scripts - here again, this effort which started for 8.3 was already put to good use last year with XCP-ng 8.2.1's latest refreshed installation ISOs. Users willing to customize the installation images also have a more light-weight option, with our iso-remaster script. And those facing a missing hardware driver at installation time will also have the option of producing a Driver Disk to complement a pristine installation image.

🛠️ Changes in Guest UEFI Secure Boot

In XCP-ng 8.2.1, we introduced Secure Boot support for VMs based on our own reimplementation of XenServer's varstored, which at the time was not open source. Our version, called uefistored, filled the gap. However, since then, XenServer has open-sourced their varstored, and after careful consideration, we decided to switch to it to avoid duplicating efforts—a tough decision, given the significant work invested in uefistored.

Subsequently, XenServer made changes in XAPI regarding how UEFI certificates are stored and updated at the pool level, which had the potential to cause regressions for XCP-ng users. To address this, we worked on finding a balanced solution that maintains a strong level of security while also being user-friendly.

For more details on this change, please refer to the release notes.

🛠️ Misc

There are too many updates to cover in full, but here’s a snapshot of some key changes:

  • Certificate verification between pool members: Mitigate MITM attacks by enabling certificate verification.
  • Increased limits: Higher vCPU per guest and increased CPU support per host.
  • OpenSSH enhancements: Simplified handling of ciphers, keys, and algorithms directly at build time.
  • Port 80 restriction: You can now close TCP port 80 on the management interface for enhanced security.
  • Custom multipath configuration: Clean, user-friendly support for defining custom multipath setups, without altering the default configuration.
  • Python 3 migration: Almost all Python components have been successfully ported to Python 3.
  • VLAN display in xsconsole: VLAN support now available in the xsconsole interface.
  • Updated guest templates: Including two new generic Linux templates (BIOS and UEFI).
  • IPv6 VM network booting: Added support for IPv6 during VM network booting.
  • Test automation improvements: Significant investments in test automation have boosted coverage, though feedback from our user community continues to be invaluable and has played a vital role throughout the development of XCP-ng 8.3.

The fully detailed list can be found at https://docs.xcp-ng.org/releases/release-8-3

XOSTOR status

As of release, XOSTOR (our hyperconverged storage solution based on LINSTOR) is available in XCP-ng 8.3 but is still considered beta.

Therefore, upgrading from XCP-ng 8.2.1 with XOSTOR to XCP-ng 8.3 is not yet supported. We will provide upgrade instructions once XOSTOR reaches a stable release on XCP-ng 8.3.

Deprecation

The most visible change is related to the old PV (paravirtualized) virtualization mode: it's now completely removed. Official support for PV guests stopped with the release of XCP-ng 8.1, on 2020-03-31, but 64-bit PV guests still ran on XCP-ng 8.2.1 despite the deprecation. In XCP-ng 8.3, they won't run at all.

For the rest of deprecated or removed features, please read the dedicated release notes section.

Known issues

See https://docs.xcp-ng.org/releases/release-8-3/#known-issues. Almost all of it is IPv6 related when using dual-stack or in some scenarios.

What's next

The official release of XCP-ng 8.3 is just the beginning. We’ll continue enhancing this version with new features, something we can’t do with 8.2 LTS. Expect exciting announcements in the coming months across various areas, including storage, performance, and overall capabilities. In parallel, we’ve already begun working on our next major platform. As XCP-ng 8.3 marks the end of the 8.x series, you can look forward to the arrival of the 9.0 platform, packed with even more innovations.

Tags

Olivier Lambert

Vates CEO & co-founder, Xen Orchestra and XCP-ng project creator. Enthusiast entrepreneur and Open Source advocate. A very happy Finnish Lapphund owner.

Recommended for you