XCP-ng 8.3 updates announcements and testing
-
@Greg_E Thanks, but that will not be necessary - I think I've figured out where the problem lies now. Good luck with the move
-
The move is more about spending yet more personal money for something that is primarily used for learning what I need to know for work (a rack, UPS, and some odds and ends at $800). Or half of it is, half of it is a VMware system and that's to let me learn what I need to leave this job and find one that pays more. And then move that work to something easier to use that costs less. Still amazed at how many places just took the price increase and are still not making plans to move to something else, even if they are cutting core counts in half to save half of that new money. But I'm also seeing that the general trend in IT around where I live is to get into a Silo, and never ever take on another task to fill a need. This way you never want to move laterally to other products, just keep doing the same things the same ways until management gets tired of hearing "we can't do that" and fires everyone to replace them with an MSP (or other contractor).
So for the off topic rant, feeling salty again today.
-
New security update candidates for you to test!
We're still working on the updates that you started testing (and a few more), but right now there's an emergency: a security update.
Yet more vulnerabilities in Intel hardware, addressed in two complementary ways: patching Xen and updating Intel microcode.
Test on XCP-ng 8.3
From an up-to-date host, or a host on which previous update candidates had been installed. Both fit.
yum clean metadata --enablerepo=xcp-ng-candidates yum update --enablerepo=xcp-ng-candidates rebootThe usual update rules apply: pool coordinator first, etc.
Versions
intel-microcode: 20250501-1.xcpng8.3xen: 4.17.5-13.1.xcpng8.3
What to test
Normal use and anything else you want to test. The closer to your actual use of XCP-ng, the better.
Test window before official release of the updates
~24h. That's an urgent one.
-
@stormi
Stats still not good
Only rebooted
After
Restart tool stack
-
@ph7 This update only covers the security issue described above. Fix for the stats issue will roll out later.
-
@stormi installed on the same test machines i have the other batch of updates installed on. No issues after a reboot.
-
@andriy.sultanov
Sorry, if I only could read...
Anyhow, My updated host running on intel seems to work just fine. -
My lab is down for a few days, so no testing for me. And it is AMD so maybe not useful. I probably won't be back running until Friday.
-
@Greg_E Thanks for letting me know. It is useful to make sure that it's still working on any kind of hardware, but your lab won't participate this time
-
Installed the patches on my lab pool and both hosts are up and running and no issues so far.
-
Latest urgent updates installed on 3-node Intel pool. Everything is working as before including the pre-production code "no stats" issue, but that still resolves following xe-toolstack-restart command. Since it is currently Microsoft patch Tuesday here, the latest Windows 11-24H2 2025-05 cumulative update was installed to VM along with various Linux VM updates and live VM host migrations. All working well including latest af03c Xen Orchestra from source (XOS).
-
@stormi Upgraded my test 8.3 hosts, several Intel and AMD Zen 3. So far, so good.
-
Update published: https://xcp-ng.org/blog/2025/05/14/may-2025-security-update-for-xcp-ng-8-2-8-3/
Thank your for the tests.
-
I see this for my 8.2 pool this morning, I'll kick it off when we all go into a meeting so it will be done when we finish.
-
@Greg_E Updated 3 pools @business (3 Intel hosts, 2 EPYC hosts) all OK with stats. Also 1 pool @home (2 Intel Protectlis) all OK with stats.
-
I updated the master pool...all went well. I updated one of the other hosts. After it rebooted, I got lots of messages about "Async.VM.clean_shutdown: 8%" on the various VMs.
My bad....XO was a two builds behind and well as XO was not up to date.
I updated to commit 95e72 and updated XOA version to 5.106.2 and all is well.
User error on my part but I hope this helps someone.
-
No issues so far with my production system (8.2.x) and this batch of important updates, these are on Intel Silver (v2?) processors.
But my system is so vanilla that I doubt there would be any issues anyway. The only "out of normal" thing I've done today is storage migrate a VM off of one Truenas to another so I can apply some updates to Truenas. Then I'll migrate everything to the updated server so I can update the "main" storage.
