Tuesday, November 10, 2015

Xen Orchestra 4.8 [feedly]

Xen Orchestra 4.8
http://xen-orchestra.com/blog/xen-orchestra-4-8/

-- via my feedly.com reader

Second release of the month is now available with nice and various improvements.

In short, we got a fully automatic patch system, a huge performance boost on statistics, ACLs with inheritance, a protection again brute force login and a lot of smaller improvements. And also bugs fixes (we closed 28 issues)!

Fully automated patching

You just installed a brand new XenServer, and you see this:

This is a lot of patches to install...

To avoid a click frenzy and waiting for each patch to be downloaded and applied, we added this:

Seems trivial, but it's not: some patches conflicts with others (e.g: pre-SP1 patches), and some others have dependencies (e.g: post-SP1 patches).

In order to do that properly, we made a lot of tests to find the best solution possible. Anyway, you don't have to think anymore: just click, and it will install all patches in the right order. Without asking you anything.

You could also monitor thanks to the pending task indicating which patch is currently being transferred:

ACLs inheritance

Up until now you had to give access to users to each individual objects. For instance, if a user should be able to view a pool, you had to also give it access to every contained VMs, which could be cumbersome and even worse, you had to create new ACLs for each new VM.

Xen Orchestra 4.8 introduces ACLs inheritance: an ACL on a pool automatically gives access to everything inside, hosts, SRs and VMs. Similarly, giving access to a host, also grants access to all contained VMs.

Huge leap in stats performances

Remember, XML parsing is very CPU intensive. Solution? Remove it! Read more in our previous blog post about increasing performances on statistics fetching.

We also made some cache to permit a nice scalability in terms of concurrent users asking for stats.

Brute-force protection

Previously, an attacker could attempt to brute-force an user's password, that is to say trying very quickly a lot of passwords until one allows it to sign in.

The efficiency of this kind of attacks is directly related to the rate at which the password candidates can be tried, that's why this new release of Xen Orchestra introduces a throttling mechanism which prevents more that one attempt every 2 seconds for a given user.

New icons for various Linux distros

You can know differentiate easily your various Unix/Linux distros in the main view:

Here, you got a Debian, a FreeBSD, an Ubuntu and a Windows VM.

Network install for HVM templates

The title of this section speaks for itself:

Next step: backup!

We have a lot to do with the backup, and frankly, it's pretty exciting!

  • Reports and alerts on the scheduled backup process
  • More automated DR process
  • Recover a backup directly from the web interface

This will be out for the 4.9 :)

Stay tuned!