XenServer Dundee Released
// Latest blog entries
It was a little over a year ago when I introduced a project code named Dundee to this community. In the intervening year, we've had a number pre-release builds; all introducing ever greater capabilities into what I'm now happy to announce as XenServer 7. As you would expect from a major version number, XenServer 7 makes some rather significant strides forward, and defines a significant new capability.
Let's start first with the significant new capability. Some of you may have noted an interesting new security effort appear in upstream Xen a few years ago. Leading this effort was Bitdefender, and at the time it was known by the catchy title of "virtual machine introspection". This effort takes full advantage of the Intel EPT virtualization extensions to permit a true agentless anti-malware solution, where the anti-malware engine is placed in a service VM which is inaccessible from the guest VMs. XenServer 7 officially supports this technology with the Direct Inspect API set, and is platform ready for Bitdefender GravityZone HVI. For virtualization users, the combination of Direct Inspect and GravityZone HVI reduces the attack surface for malware by both removing in-guest agents, and by actively monitoring memory usage from the hypervisor to detect malicious memory accesses and flag questionable activity for remediation. When combined with support for Intel SMAP and PML, XenServer 7 offers significantly increased security compared to previous versions. Since secure operation extends to secure access to the host management APIs, XenServer 7 fully supports TLS 1.2, and can optionally mandate the use of TLS 1.2.
XenServer 7 extends the vGPU market initially defined in 2013 to include both increased scalability with NVIDIA GRID Maxwell M10 and the latest Intel Iris Pro virtual graphics. When combined, these vGPU extensions open the door to greater adoption of virtualized graphics by both increasing the number of GPU enabled VMs per host, as well as potentially removing the requirement for a dedicated GPU add-in card.
Operating virtual infrastructure at any level of scale requires an understanding of the overall health of the environment. While recent XenServer versions have included the ability to upload server status information to the free Citrix Insight Services, this operation was completely manual. With XenServer 7, we're introducing Health Check which is a proactive service which works in concert with Insight Services to monitor the operational health of a XenServer environment, and proactively alert you to any issues. The best part of Health Check is that it's completely free and open to any user of XenServer 7.
No major release would be complete without a requisite bump in performance, and XenServer 7 is no exception. Host memory limits have been bumped to 5TB per host, with a corresponding bump to 1.5TB per VM; OS willing of course. Host CPU count has been increased to 288 cores, and guest virtual CPU count has increased to 32; again OS willing. Disk scalability has also increased with support for up to 255 virtual block devices per VM and 4096 VBDs per host, all while supporting up to 20,000 VDIs per SR. Since XenServer often is deployed in Microsoft Windows environments, Active Directory support for role based authentication is a key requirement, and with XenServer 7, we've improved overall AD performance to support very large AD forests with a resulting improvement in login times.
XenServer 7 is available for download today, and can be obtained for free from the XenServer download page.
Shared via my feedly newsfeed
Sent from my iPhone
Post a Comment