XCP-ng
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    CH 8.2

    Scheduled Pinned Locked Moved News
    ch 8.2
    23 Posts 11 Posters 8.8k Views 2 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M Offline
      mathsq4
      last edited by

      Since Xen Project released brand new 4.14 version just recent, is it too late to include it in 8.2 XCP-ng release?

      1 Reply Last reply Reply Quote 0
      • olivierlambertO Offline
        olivierlambert Vates πŸͺ Co-Founder CEO
        last edited by

        @mathsq4 we don't do that. Including a new Xen version is often requiring a lot of work to be sure the API/ABI doesn't break anything, and probably modify stuff around it.

        We could always try somehow at some point in testing repo, but it's far harder than you might think in the first place πŸ™‚

        C 1 Reply Last reply Reply Quote 1
        • A Offline
          adriangabura
          last edited by

          Do you think Ivy Bridge will not work with XCP NG 8.2? 😞 I have a homelab and have little desire to retire my xeon 😞

          1 Reply Last reply Reply Quote 0
          • olivierlambertO Offline
            olivierlambert Vates πŸͺ Co-Founder CEO
            last edited by

            Again, nothing will be "blocked". It's just you won't have sec updates on those CPU because Intel stopped to ship fixed microcodes. So Citrix (and us) can't tell you are secure with those anymore (because of Intel)

            1 Reply Last reply Reply Quote 0
            • M Offline
              marekm
              last edited by

              What about future support for old AMD CPUs? I see Opteron 61xx and older support was removed in CH 8.0, are there any known issues with 62xx/63xx/P series that might cause them to become unsupported in the near future?
              I rely on used servers mainly for cost reasons, recently moved from Intel to AMD in the hope they will be less insecure (not perfect either, but what is), current 6338P CPUs from 2014 seem to be good enough for now, until shiny new EPYC become cheaper in a few years...

              1 Reply Last reply Reply Quote 0
              • olivierlambertO Offline
                olivierlambert Vates πŸͺ Co-Founder CEO
                last edited by

                I have no idea. In general, "Unsupported" means no security patches possible for those old CPUs.

                Does those CPUs got NPT? (Nested Page Tables)

                1 Reply Last reply Reply Quote 0
                • M Offline
                  marekm
                  last edited by

                  According to wikipedia: "AMD Opteron CPUs beginning with the Family 0x10 Barcelona line, and Phenom II CPUs, support a second generation hardware virtualization technology called Rapid Virtualization Indexing (formerly known as Nested Page Tables during its development), later adopted by Intel as Extended Page Tables (EPT). " - so that would be since about 2008 or so.

                  Later there have been some critical microcode updates, 63xx series got one in 2016 (unprivileged guest could crash the host), not sure which older CPUs have this update and which don't.

                  1 Reply Last reply Reply Quote 0
                  • olivierlambertO Offline
                    olivierlambert Vates πŸͺ Co-Founder CEO
                    last edited by

                    So there's good chances it will work, but don't expect any serious security provided by AMD microcodes…

                    1 Reply Last reply Reply Quote 0
                    • C Offline
                      cg @olivierlambert
                      last edited by

                      @olivierlambert what people often forget or not think about: You want to have someting mature, tested, stability proven - especially for an LTSR. People who stay on these branches don't do it for bleeding edge stuff. πŸ˜‰

                      1 Reply Last reply Reply Quote 0
                      • olivierlambertO Offline
                        olivierlambert Vates πŸͺ Co-Founder CEO
                        last edited by

                        I don't get it, what's the connection with the current discussion?

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post