Team - XAPI & Network

Private

Posts

  • RE: Native Ceph RBD SM driver for XCP-ng

    @benapetr You're right. Unfortunately, there's no VDI revert that allows the revert to happen '. This is shown in the documentation: https://xapi-project.github.io/new-docs/toolstack/features/snapshots/index.html (see revert section)

    There's an old proposal to do add this: https://xapi-project.github.io/new-docs/design/snapshot-revert/index.html

    But the effort fizzed out because currently the imports do not set the snapshot_of correctly, and the operation needs to work even if the field is not set correctly, as it is now. (falling back to the current code seems sensible) https://github.com/xapi-project/xen-api/pull/2058

    This needs some effort to get fixed, I'll set up some ticketing so it can be prioritized accordingly.

    djs55 opened this pull request in xapi-project/xen-api

    closed VDI.revert pull request + extra bits #2058

  • RE: Epyc VM to VM networking slow

    @Forza By default XOA VM has 2 vcpus, how many vcpus do your ubuntu have? Althrough iperf isn't running multithreaded in your test, there is one queue on the kernel side of the VM per vcpu to process packets.

  • RE: Patch for CVE-2025-27466, CVE-2025-58142, CVE-2025-58143

    It likely depends how they check:

    • if they use xl info they cannot know if it is the latest
    • if this is an automated SBOM scan, there is no database containing our version to assess it was patched

    At least that's the only ways I have in mind right now 🙂

    Could be interesting if you can get the info on how it is checked and where they expect to find the information.

  • RE: Patch for CVE-2025-27466, CVE-2025-58142, CVE-2025-58143

    Hello, the blog post you linked is our announcement that these have been fixed on our side. As you don't have any updates in XOA or yum commands, it means that you're on the latest version already.

    The reported version of xen through xl info il the base version, the .3 is our own patch or build iteration, therefore not reflected in that command.

    If you want to be sure, the best way is to compare the yum info xen-hypervisor version to the one present in the blog post.

  • RE: Native Ceph RBD SM driver for XCP-ng

    @benapetr This is driven by hacky logic from 16 years ago:

    • on revert, unserialize the previous state, and update the VM record with its saved values. As we do not want to modify that each time we add a field in the datamodel, use some low-level database functions to iterate over the fields of a record. Not very nice as it makes some assumptions on the database layer, but seems to work allright and I don't think that database layer will change a lot in the future.

    I think it might be a good idea to add a revert rpc call to the storage interface that xapi can call to, with a backup to use the current logic if necessary; xapi should be able to clean up the database afterwards. I'll ask other maintainers about this or possible alternatives, but since SMAPIv1 is considered deprecated, I doubt it will happen.

    I have to say that SMAPIv3 was finally fixed upstream on June by Xenserver (migrations were finally done!) and XCP-ng should get the update that fixes it in the coming weeks. Given this, I would encourage you to take all the learnings you've acquired while doing the driver and porting it to SMAPIv3. SMAPIv1 just simply has too many problems, some of them are architectural, so in general xenserver and xcp-ng maintainers would like to see it finally go away.

    for now I am still targetting XCP-ng 8.2 as that's what I use in production, and I haven't seen many SMAPIv3 drivers there.

    8.2 is out of support for xenserver, and for xcp-ng yesterday was the last day it was supported, you really should update 😛

  • RE: PCI device doesn't show in XO or xe pci-list

    @chicagomed Could you (and others with the issue) please post the output of lspci -mnn for the devices that are not shown in xe pci-list?

    XAPI filters for PCI devices with classes 01XX, 02XX, and 03XX as a safety measure (better to be safe than sorry in avoiding passthrough of critical devices), but perhaps we could reasonably expand this filter.

  • RE: Misleading messages during restore from backup

    Not sure to understand but for example if you run xe vm-start <uuid> on slave1 but the vm is started on slave2 (because it uses a storage local to slave2) then the resident-on will be slave2. It's because the task Async.VM.start is really created on slave2 even if the initial command has been received by slave1. Does it answer your question?