@nikade We've already fixed some issues to start using ocaml 5 regarding the C interfaces. Handling threading in ocaml 5 is still an open problem that the ecosystem has not yet solved (there are many libraries competing now). We still need to create a credible strategy to port xapi to the new model, and don't have any timelines yet
-
RE: Stunnel - Future plans to use something else?posted in Development
-
RE: XCP-ng 8.3 beta 🚀posted in News
@rmaclachlan This looks awfully similar to https://github.com/xapi-project/xen-api/pull/5451
-
RE: Stunnel - Future plans to use something else?posted in Development
@john-c This involves waiting on a stable OCaml 5 version being release, then porting the whole codebase to use the new multithreading APIs, this is a very complex matter, and it will take a long time until it's realised
-
RE: XCP-ng 8.3 beta 🚀posted in News
@stormi said in XCP-ng 8.3 beta
:@psafont Will a 8.2 to 8.3 upgrade (through the installation ISO) leave TLS verification disabled, or will it enable it by default?
It's not enabled by default, enabling it by default is not possible with the current update procedure where the pool coordinator is updated before the other pool member because these do not expose the new certificates to xmlrpc clients before upgrading, breaking communications.
In other words: must we expect any user who upgrades from 8.2 or lower and then later wants to add a new host to the pool to see this error (and likely ask for help, even if we document it properly - and we would of course)?
Yes
-
RE: XCP-ng 8.3 beta 🚀posted in News
@gsrfan01 The error happens because the joining host has TLS certificate checking enabled for pool connections while the joined host don't.
This mismatch happens because on fresh installs TLS certificate checking is enabled, while for updates from previous versions is not.
To enable TLS certificate checking in a pool simply running
xe pool-enable-tls-verification.The emergency command is not needed in this case, it's useful to re-enable certificate checking in a single host after is has been disabled using the emergency disable
-
RE: XCP-ng 8.3 public alpha 🚀posted in News
@olivierlambert Snapshot is in essence a VDI clone, I don't see any checks being done before the filtering for ignored VDIs is done. And that is done pretty early on, not sure why there are operations affecting virtual block devices from ignored VDIs: https://github.com/xapi-project/xen-api/blob/master/ocaml/xapi/xapi_vm_clone.ml#L416
