RE: XCP-ng Center: Future

Hey thanks for working on XCP-ng Center -- I find it a really useful tool.

Is this a README that describes how your project differs from XenCenter.

FWIW -- I had a similar problem with VMs going randomly down -- it wasn't windows but various BSD and Linux VM's. Sometimes they would run a few days, other times they would lock up every other day. Logs didn't help because when the VM locked, logs were not written. I even had the xcp-ng installation lock a few times, although it was usually on of the VMs. I started searching for faulty hardware and eventually SMART tested all the drives and mem86 the RAM. Turns out I had some bad RAM modules which I later RMA'd. With new RAM (after after thoroughly testing it), I haven't had any lock ups. I'm not sure this will help you at all.

@nikade Hey thanks for for the link. I ended up just using a LetsEncrypt cert rather than self signed. I think had to add a DNS host override on my router to associate the Local LAN address of the xo server with the domain name of the server contained in the certificate -- Like 10.0.1.50 ---> xo.example.com. Thanks for pointing me in the right direction on this one.

Here is my screenshot:

The listed containers don't exist on the host anymore.

@Rocky

I'm a little confused I guess. I have a PIF section. There is nothing under my Private Network area.

@Rocky
Yea it really stinks b/c I can't upload screenshot

So within XO
Home->Hosts-> Pick your Host
Choose Network
The third column is VLAN. You could type you VLAN information here.

However the only question I would have is what exactly do you want to tag, and what don't you want to tag. I believe if you typed in VLAN 999 for example, this would represent untagged traffic on this network.

@Rocky
What did you try. You can use XO or XenCenter.

All I have is a container tab. I tried to upload a jpeg screenshot but for some reason your forums isn't taking it and I'm getting a lot of pop up errors trying to insert the image. I followed the instructions linked by @jmccoy above. I already had an existing VM. Do you have any additional instructions?

By the way -- the error on the image upload was the following:

Something went wrong installing the "sharp" module /lib64/libz.so.1: version `ZLIB_1.2.9' not found (required by /usr/share/nginx/html/forum/node_modules/sharp/build/Release/../../vendor/lib/libpng16.so.16) - Remove the "node_modules/sharp" directory then run "npm install --ignore-scripts=false --verbose" and look for errors - Consult the installation documentation at https://sharp.pixelplumbing.com/install - Search for this error at https://github.com/lovell/sharp/issues

@jmccoy555

I tried the method you linked to with github. I was excited at first when I saw the containers tab in the UI. Later I created a number of docker containers and such within the VM. I came back later to the XO UI and saw none of the new containers. This feature seems a little bit borked to me.

@julien-f

Ahh - very nice -- I guess the point of my post was pointless.

Thanks for help.

@julien-f

I reviewed your commit, however I don't understand your heading (remove TLS config to use native settings).

If not specified in the config.toml file, what are the native settings? Where are these specified?

@julien-f

Snippet of config.toml file:

# These options are applied to all listen entries.
[http.listenOptions]
# Ciphers to use.
#
# These are the default ciphers in Node 4.2.6, we are setting
# them explicitly for older Node versions.
ciphers = 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA256:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!SRP:!CAMELLIA'

# Tell Node to respect the cipher order.
honorCipherOrder = true

# Specify to use at least TLSv1.1.
# See: https:#github.com/certsimple/minimum-tls-version
minVersion = 'TLSv1.2'

secureOptions = null

#secureOptions = 117440512

At least for me including those options didn't work.

Oct 27 14:54:32 ubuntuxo systemd[1]: Started XO Server.
Oct 27 14:54:33 ubuntuxo xo-server[103642]: ✖ Unexpected character, expected "nan" at row 115, col 18, pos 3784:
Oct 27 14:54:33 ubuntuxo xo-server[103642]: 114:
Oct 27 14:54:33 ubuntuxo xo-server[103642]: 115> secureOptions = null
Oct 27 14:54:33 ubuntuxo xo-server[103642]:                       ^
Oct 27 14:54:33 ubuntuxo xo-server[103642]: 116:
Oct 27 14:54:33 ubuntuxo xo-server[103642]: TomlError: Unexpected character, expected "nan" at row 115, col 18, pos 3784:
Oct 27 14:54:33 ubuntuxo xo-server[103642]: 114:
Oct 27 14:54:33 ubuntuxo xo-server[103642]: 115> secureOptions = null
Oct 27 14:54:33 ubuntuxo xo-server[103642]:                       ^
Oct 27 14:54:33 ubuntuxo xo-server[103642]: 116:

If I changed the secureOptions back to prior value with minTLS version the server would at least start, however I have no way to verify if functioning correctly.

Hi I'm referencing a part of the XO configuration found in the config.toml file:

# Specify to use at least TLSv1.1.
# See: https:#github.com/certsimple/minimum-tls-version
secureOptions = 117440512

I visited the site referenced however I don't see any numbers that would indicate the secureOptions directive. The site has examples such as the following:
secureOptions: minimumTLSVersion('tlsv11')

On this site there isn't any mention regarding the use of numbers. How did the configuration decide on this setting?? I'd like to use tlsv12 as minimum.