Updates announcements and testing
Get ready for testing. New (previously unforeseen) security updates are coming soon for testing. You can thank hardware bugs in CPUs (and it's only starting)
Testing: November 2019 security update for XCP-ng, 2nd Impact
New security update candidates are available (XCP-ng 7.6 and 8.0). As usual, I will only release them to everyone after enough testing, so if you can please install the update candidates.
Instructions there: https://github.com/xcp-ng/xcp/issues/308
Please use the github issues to provide feedback so this thread here remains clean.
End of WE soon, still interested in feedback for release tomorrow.
nmym last edited by
@stormi intel only it seems?
There's a misunderdstanding when I ask for tests. What hardware you have doesn't really matter. Even if you don't have Intel CPUs, your hosts will receive the updates. So they are impacted. If there are regressions in the updates, you'll be impacted.
That's why what's the most important with all the updates I ask feedback for is not what they fix, it's what they don't break. A large number of "I installed them, things seem to still function normally" is what we really need.
Testing the actual changes the updates bring is a plus, but not a requirement to be able to contribute.
Security Updates released. Intel hardware again. You'll need to choose between safety and performance regarding one of the flaws if you are running untrusted guests. https://xcp-ng.org/blog/2019/11/18/security-updates-for-intel-hardware/
I just pushed a bugfix update for XCP-ng 8.0:
If you had alread applied all the security updates, there's no hurry. You can wait for the next batch of security updates if you don't strictly require the fix. If you apply it alone, no reboot is required.
@stormi Thank you!
I'll be applying and validating the patch.
I'm interested in the results because it's the same patch!
@stormi The perception I have is as follows in XCP8:
- After backup, all the disks were left with 1 disk frozen in the leaf tree.
- Even pausing the VM and rescanning disk, the coalesce process does not start.
For CH7.1 with the XS71ECU2020 update, the coalesce process completed 100% by pausing the VMs. We will now re-back it up and see if the coalesce runs again 100%.
I used standard times in LIVE_LEAF_COALESCE_TIMEOUT=10.
The new test will be with LIVE_LEAF_COALESCE_TIMEOUT=300.
_danielgurgel last edited by _danielgurgel
@stormi The strange thing is, I had to turn off the VMs, rescan disk and then turn on again.
The coalesce process began with the linked VMs (in production) and successfully completed. The following values have been changed at /opt/xensource/sm/cleanup.py :
LIVE_LEAF_COALESCE_MAX_SIZE = 1024 * 1024 * 1024 # bytes LIVE_LEAF_COALESCE_TIMEOUT = 300 # seconds
Well, apparently everything ok... we will see in our next backup if it will be necessary to turn off the VMs for the coalesce to start and complete correctly.
@stormi After the informed change, the backup occurred with 100% success, on no disk in the coalesce chain.
We're migrating another cluster to XCP-ng 8!
Thanks for the support, quick return and attention.
A new update just pushed for XCP-ng 8.0:
xcp-ng-xapi-plugins. It adds a plugin that the latest version of Xen Orchestra (just released) needs in order to offer a new feature: integration of
netdatafor all hosts into a single interface. See the blog post.
xcp-ng-xapi-pluginsis the only update available for your hosts, then no need to reboot after installing. A toolstack restart is enough.
If you don't need the new feature, you can skip this update until the next batch.
New security update candidate for testing in XCP-ng 8.0 and 7.6.
Fixes security issues in Xen. Also provides updated microcode for some Intel
Details and discussion on https://github.com/xcp-ng/xcp/issues/319
Please test (we simply need people to install them and check that they do not see obvious regressions).
This post is deleted!
This post is deleted!
akurzawa last edited by akurzawa
I've a problem with freezing Windows VMs after applaying latest updates - do You know anything about it? Those vms have guest tools from citrix.
I haven't heard of it until now.