Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you have been placed in read-only mode.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

Categories

News

All news regarding Xen and XCP-ng ecosystem

97
Topics

1810
Posts

Update released. Thanks everyone for testing!

https://xcp-ng.org/blog/2022/05/16/may-2022-security-update/
Development

The place to discuss new additions into XCP-ng

176
Topics

2400
Posts

P

Seeing this in on my XCP-ng host running 8.2.1:
No arguments provided to command install, default arguments will be used: - PK: default - KEK: default - db: default - dbx: latestDownloading https://www.microsoft.com/pkiops/certs/MicCorKEKCA2011_2011-06-24.crt...error: unable to retrieve certificate from URL: https://www.microsoft.com/pkiops/certs/MicCorKEKCA2011_2011-06-24.crt. Error message: HTTP Error 403: Forbidden.If the failure can't be fixed at the network configuration level, consider downloading the certificates manually and then loading one or more of them with secureboot-certs install <PK-filename>|default <KEK-filename>|default <db-filename>|default <dbx-filename>|latest. Check secureboot-certs install -h for usage details as well as a list of the download links used by secureboot-certs install.
I can validate that the URL is correct and even download the cert from another machine.

I also can verify the XCP-ng host has internet access and can resolve DNS.

Any ideas as to what would cause this?
Compute

All Xen related stuff

239
Topics

2093
Posts

A

@planedrop Ok, so it's a host lockup rather than a crash. That's a bit more irritating to debug.

First of all, can you update to the debug hypervisor. Adjust the /boot/xen.gz -> $foo symlink to use the version of Xen with the -d.gz suffix. This is the same hypervisor changeset but with assertions and extra verbosity enabled.

Also, can you append ,keep to Xen's vga= option on the command line. This should cause Xen to keep on writing out onto the screen even after dom0 has started up. Depending on the system, this might be a bit glacial, but dom0 will come up eventually.

Then reproduce the hang. Hopefully there'll be some output from Xen before the system locks up. You might also want to consider adding noreboot to Xen's command line too, especially if there's a backtrace and you want to take a photo of it to attach here.
Xen Orchestra

Everything related to XO

1142
Topics

8974
Posts

@pdonias yep I can confirm that works as expected, cloud-init uses the base VM name specified in the top of the create VM page, not the numbered VM names that result after creation. Nevermind!
Non-English speakers

Turkish (Türk)
Portuguese (Português)

17
Topics

51
Posts

Para conectar as outras VMs ao pfSense você pode usar uma rede do tipo internal. depois de conectar as VMs acredito que seja mais uma questão de configuração de pfSense mesmo.

Quanto a questão do offload. Você consegue desativar as opções de offload por hardware através do pfSense mesmo (nesse caso não precisa rodar os comandos de alteração das VIFs) :

Network Interfaces

Hardware Checksum Offloading
Disable hardware checksum offload

Hardware TCP Segmentation Offloading
Disable hardware TCP segmentation offload

Hardware Large Receive Offloading
Disable hardware large receive offload

System > Advanced > Miscellaneous
Cryptographic & Thermal Hardware
Cryptographic Hardware
AES-NI CPU-based Acceleration

Categories

News

Development

Compute

Xen Orchestra

Non-English speakers