RE: XO Lite can`t manage host

@olivierlambert

It is looking good, and like many people I am eagerly awaiting the roll out of the complete XO-Lite. But we need to remember that there are other ways to get your system up and going. You can grab the official XOA right from the XO-Lite pages, you can command line from a host and download XOA or one of the XO from sources. You can also take a completely separate Linux computer, in my case this is an old HP T630, install Debian, and build the sources on it.

No matter how you build your system, and whether you are paying for XO or using sources, I advocate to having at least one separate computer that has XO from sources running. Could be a laptop with Windows WSL, could be just a "terminal" in your rack room. Some cheap little computer that has Debian with a desktop for a few tools like web browser, and XO from sources that you can hit from the loop back or from a computer out of the room. There are times when having that local computer up to monitor things is really handy, especially if your XOA is crashed for some odd reason (host crash, etc.)

Now the above may change once they finish XO-Lite because the basic functions we need will again be present, but until then, there are ways to get going. XCP-NG Center had a lot of good stuff in it, but after teaching myself what I needed to do with XOA or XO-CE (sources), I don't really miss it. But set up from zero will be much easier with a completed XO-Lite, or at least can be different.

@dinhngtu

I haven't had time to install anything else on this VM, I'll have to think about other roles or features that I might want to try to see if additional services will cause additional problems. WDS might be a good one since it opens up a few different services, but really only good for Win10 stuff these days.

I could install the Shoutcast server (as a service), but not sure if it plays nice with AD DS, would be simple enough to point a stream at it and play the audio locally once it is set up.

Do you think Zabbix agent would trigger it? I could get that going pretty quick and use it to test things with Zabbix while doing it.

@Greg_E

Also I should say that I've rebooted many times and still OK, going to leave it baking while I get on to other things.

@Chemikant784

Since it doesn't seem to hurt anything, maybe it should get pushed up the chain to Xenserver and have them just change the MA installer to make this delayed start. But for now maybe this needs to be a note in the documentation that the user may need to change to delayed start for Windows 2025 running any parts of AD. If there are clearer images needed, let us know and one of us will grab some. Fell free to use my images in this thread in the official documentation if desired/needed. Should probably work up a few showing what this looks like from "normal" server view (no GUI), because as we know (people keep telling me) real admins don't use a GUI!
(aside, if that's true, why does Xen Orchestra exist??? Why does vCenter??? Why does Prism??? )

Also keep an eye on your server 2022, you never know when Microsoft will push a "fix" for something in AD and break the MA on currently working systems. We all know they have a habit of doing things like this. But I have a feeling it is the functional level of 2025 that is breaking this, something that should probably be tested but I don't have the time right now to delete it and set it back up at functional level 2016 and see what happens.

Has the kernel changed to a newer version, or still 4.xx.xx?

@olivierlambert

Which one, powershell or WAC. They are kind of one in the same when you look at how WAC makes the calls to do the work, there's a button to reveal the powershell behind the button clicks so you might be able to get both at once.

But WAC draws nice graphs and gives us a GUI to get the work done. Yes I know, real Admins don't use GUI. Whatever, AI will eat our jobs anyway, just trying to stick it out another 9 years at this point.

When I get time, I'll still probably take a swing at this task for WAC, because to me this would be valuable. Big learning curve though.

Now if MS would finally add Group Policy to WAC and fix some of the DHCP and DNS features that are still in preview...

@Greg_E

Ok, this was again not as straight forward as we might like. System as follows:

XCP-NG 8.3 (current)
vTPM, vUEFI, vSecureboot
NFS share
Management Agent 9.4
Server 2025 with November 2024 cumulative update applied (not important)
AD DS, DNS, DHCP installed and configured

After several reboots I was still getting the problem:

Thinking a little more, I decided to switch from Automatic to Automatic (Delayed Start)

The delayed start seems to have fixed the issue for me:

I've had this issue before with other services, we handle audio and video devices which have some demanding start routines so I should have thought of this earlier. Simply changing to delayed start lets another necessary service start which then allows the MA to start.

Also, the horrible lagging I mentioned earlier was from a Truenas issue that I didn't know about until a couple days ago, patch your Electric Eel if you haven't done this yet. It's still a little laggy, but not like it was when I mentioned the problem before. All work so far has been through the XO console which is running on an old HP T630 which is pretty slow.

Going to monitor this for a while before I dig too deeply into setting this up, it's my second physical network on my lab which is also the second physical network on my VMware system, I'm sure I'll need to do more configuration than just DNS and DHCP down the road. I'll probably form a trust with the first network AD DS, just to give that some practice and see what 2025 might bring. Eventually I'll need to upgrade my production network to 2025, so I'm justifying the time spent in research for the future, I'm already Windows 11 for all my clients, so Server 2025 should play more nicely and might bring some features back that they removed from 2022 (some GPO to start).

Didn't know where to put this, so here it is.

Has anyone developed any Windows Admin Center (WAC) extensions to manage and monitor XCP-NG? Big learning curve for me, but this might be a worthwhile investment in my time sometime soon. Just wondering if anyone else has fooled with this in the past?

https://learn.microsoft.com/en-us/windows-server/manage/windows-admin-center/extend/developing-extensions

While this is "for windows" it can do a lot of other things like talk to your iDrac and iLO. Mostly I use WAC for some simple Windows tasks, but it would be nice to have a little XCP-NG/XO control while I'm in there. Since I haven't gone down this path yet, I'm assuming that I can have WAC make some API calls similar to how XO makes those calls. Just a theory but thought I would ask and maybe get people thinking about yet another way to manage our systems.

@dinhngtu

Thanks, I'll have to give this a try when I get some time, I can set it up on the gigabit network on my lab. Might even do this today because it's a task I can do while getting interrupted.

@Chemikant784

I noticed the installer when I was trying to update from the 9.3.3 to 9.4 agent, didn't know about schedulers being locked up.

@flakpyro

Yes, you need to promote this to at least AD DS and go through the setup phases of this task. It was fine until I finished the AD set up and rebooted. I'm thinking there is a port that the new 2025 functional level uses that may be conflicting with the management agent. I didn't go too much farther because I need to move on with some other things in my lab.

If you disable that service, will the VM still be able to live migrate from one host to another during things like rolling pool reboot or rolling pool upgrade? Again, didn't have time to test right now, but have had issues in the past from this. Wish I remembered to try this while it was still built.

There may be one other way around this that might be worth testing... Build a Server 2022, set up AD DS and make sure everything is working. Then do an inplace upgrade to server 2025. This will keep the functional level at 2016 and check to see if everything is working. Then upgrade the functional level to 2025 and see what happens. Depending on where my other tests go, I might give this a try because I'm more likely to do an inplace upgrade on my production machines than to do a fresh install and migrate FSMO roles. But not right now.

@Greg_E

OK, I've reached the end of my testing, it is still broke! There is something wrong with the Management Agent after you install and configure AD DS. It is in a constant state of "starting" and I'm pretty sure it is generating all the console host services. I've now tried both the 9.3.3 and the 9.4 versions, the 9.4 was downloaded about half an hour ago, can't much more fresh than that.

So where do we go? We don't run Server 2025 until the Management Agent is updated to work with it. The problem I have is that I can't think of how we alert them to the problem. Point someone to this thread maybe?

For now, I'm going back to 2022 because this isn't really worth messing with until things work. Kind of a show stopper for me. If you disable that stuck service and find a way to stop it, then maybe for messing around. I had to restart each time I disabled that service. And once disabled, all the repeating console hosts stopped in their tracks.

All of this testing was done on the latest version of XCP-NG 8.3 with either NFS or SMB for my SR and going over a 10gbe network. Truenas 24.10 is the storage host, just to be complete.

@Greg_E

In the few minutes between the last post and now, I was up to 8 of these and growing. XO (XCP) also didn't detect the management agent, no RAM use was showing. I'm wondering if this is part of the issue. Rebooted to see if the management agent gets straightened out and going to let it sit for a couple hours and check after dinner (almost time to go home), it will probably be 4 or 5 hours of run time before I get back to this tonight.

[edit] still no management agent, I think this might be part of the problem. It was working "fine" before installing ADDS, DHCP, and DNS. Going to reinstall 9.3.3 and see what happens later tonight or tomorrow.

@Greg_E

It is still slow, everything lags, even the command prompt to set w32tm to use my gps ntp source and set it reliable was laggy. I think this must be a combination of my old hardware that doesn't support some of the new features, vTPM, vSecureboot, and vUEFI, mostly I think it's the old hardware I'm running this on. Using RDP there is less lag than the XCP-NG Console from XO, so maybe not a huge issue after all.

I just set up ADDS, DHCP, and DNS. After the reboot I see 5 conhost and will monitor from here. If I see it grow, I'm going to install the 9.4 agent and drivers to see if it fixes anything.

Nice to see a new Functional Level added, been a long time since the 2016 version.

@Greg_E

Going to take a bit longer, need to get secure boot keys installed, reading through the directions now. This will be the first time I'm testing something that need vTPM so should be an adventure!

[edit] Wow... VERY slow on my old hardware with secure boot and vTPM active. This is running on an HP DL360p Gen8 which doesn't support TPM2 modules and doesn't support UEFI natively, not sure if that stuff passes through. It's brutally slow and not from a storage point of view either.

Going to throw another few processor cores at it once the updates finish installing and I can shut it down. Hope that makes it work better.

This is with the 9.3.3 agent and drivers to the same NFS storage that I've been using for years, running on a 10gbe connection. Reached around 3gbps during install which is funny because that seemed really slow too.

I have never seen my processor running this high.

@flakpyro

Thanks, I didn't know there was a 9.4 yet, just grabbed that too.

@Chemikant784

I haven't, but I just grabbed the latest eval version which seems to be refreshed for release. I need to set up an AD with DHCP and DNS in my lab to move forward on some VMware learning, so I'll get to this soon. I just finished harvesting the vmware products from my VMUG Advantage account since Broadcom is doing their thing and killing these lab licenses (just announced a few day ago)!!! Broadcom leaving no stone unturned in their quest to really make people hate them!

Any gotchas I should look out for aside from the issue you are having? I'll run through the GUI role/feature installer and of course will install the OS with desktop.

@Chemikant784

Hmmm... That interesting that it has some kind of tie in with the management agent and ADDS. I still haven't even thought about this, but I like to stay on top of the server versions so I can figure out what I need for when I need it.

Even Win11 24h2 has some oddities, and I'm running it on metal, this is the LTSC version, but shouldn't matter. I turned off hyperthreading on one machine and it was not happy compared to HT left on. Might have to do with being an older HP Elitedesk 800 G6 (intel 10500).

Since Server 2025 is based on 24h2, I might have to load up the LTSC eval or Enterprise eval as well as Server 2025 eval when I get some time.

@Chemikant784 I haven't had time to check this, I don't even remember where I put the 2025 eval, but I'll get to it soon. If I put the eval on my VMware system, then I'll likely try it sooner and remember to put it on my XCP-NG system too.

@nikade

BTW, the ram increase made zero difference in the VDI migration times.

I may still change the ram for each host in production, but I only have like 12 VMs right now and probably not many more to create in my little system. Might be useful if I ever get down to a single host because of a catastrophe. Currently running what it chose for default at 7.41 MiB, roughly doubled that in my lab to see what might happen.

Just got my VMware lab started so all this other stuff is going to back burner for a while. I will say I like the basic ESXi interface that they give you, I can see why smaller systems may not bother buying VCenter. I hope XO-lite gives us the same amount of function when it gets done (or more).